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About this guide 



This user guide provides step-by-step instructions for installing and using HP ProLiant Essentials 
Vulnerability and Patch Management Pack. 

Where to go for additional help 

In addition to this guide, the following information sources are available. 

For additional information about Vulnerability and Patch Management Pack, see: 

• http:/ / www.hp.com/ go/ vpm 

• HP ProLiant Essentials Vulnerability and Patch Management Pack Quick Setup Poster 

• HP ProLiant Essentials Vulnerability and Patch Management Support Matrix 

For additional information about HP Systems Insight Manager, see: 

• http:/ / www.hp.com/ qo/hpsim 

• HP Systems Insight Manager Installation and User Guide 

• HP Systems Insight Manager Help Guide 

Website 

Information about Vulnerability and Patch Management Pack and the latest updates are available at 
http:/ / www.hp.com/ go/ vpm . 
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Introduction 



Malicious software security threats are becoming more frequent, more sophisticated, and more costly 
to businesses, draining billions of dollars in productivity, revenue, and corporate credibility each 
year. The vast majority of attacks, including automated worms, are performed against known 
vulnerabilities for which a patch or fix is widely known. 

Gain the upper hand in the war against hackers, worms, and trojan software that exploit software 
security vulnerabilities by using HP ProLiant Essentials Vulnerability and Patch Management Pack— the 
all-in-one vulnerability assessment and patch management tool. Vulnerability and Patch Management 
Pack enables you to: 

• Enhance system lifecycle management by incorporating vulnerability assessment and patching as 
an integral part of the system management process 

• Accelerate resolution of vulnerabilities by reducing the research time to understand the criticality 
of the vulnerability and the expected behavior for patches and fixes 

• Reduce the risk of security threats by automating the acquisition, scheduling the deployment, and 
continuously enforcing the persistence (desired state) of patches 



Combined vulnerability assessment and 
patch management 




Patching powered by Radia 



Built on industry-leading scanning (PatchLink Security Threat Avoidance Technology) and patch 
management technology (HP OpenView using Radia), and integrated into the industry-leading HP 
Systems Insight Manager (HP SIM), Vulnerability and Patch Management Pack delivers a robust set of 
features. 

• Combined vulnerability assessment and patch management— A single tool seamlessly combines 
the assessment and the remediation of vulnerabilities, reducing operational complexity that 
arises from managing separate tools for vulnerability assessment and patch management. 

• Integrated into HP SIM— This enables use of already existing functionality, such as discovery, 
identification, scheduling, role-based security, notification, and group-based actions, eliminating 
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the need to recreate these tasks in multiple tools for vulnerability assessment and patch 
management. 

Comprehensive vulnerability assessment— Coverage of vulnerabilities reported in all leading 
vulnerability databases ensures comprehensive assessment. Powered by PatchLink Security 
Threat Avoidance Technology (STAT®) Scanner (the only Common Criteria Certified scanner), 
the vulnerability assessment identifies vulnerabilities reported in the Common Vulnerabilities and 
Exposures (CVE) list, the Federal Computer Incident Response Center (FedCIRC) vulnerability 
catalog, the SANS Top 20 Internet Security Vulnerabilities list, the Computer Emergency 
Response Team (CERT) advisories list, and the U.S. Department of Energy Computer Incident 
Advisories Center (CIAC) bulletins. 

Automated acquisition, scheduled deployment, and continous enforcement of patches: 

o Automatically collects new vulnerability updates and patches directly from vendor sources, 
such as a vendor's Web-based patch repository. Updates can be acquired outside the 
firewall and imported into the patch repository in infrastructures where firewall policies 
prevent HTTP and FTP downloads 

o Schedulable deployment, schedulable reboots after deployment, and checkpoint-restarts 
ensure that patches are deployed with minimal impact on network resources and enable 
patches to be managed from a central point. 

o Unique desired-state management automatically and continuously ensures that patches 
remain applied in their proper state. If patches are corrupted in any way, they are 
automatically reinstalled to bring the system to the desired level of patches. 



Vulnerability and Patch Management Pack 
:ess 

The following figure details the process for using Vulnerability and Patch Management Pack. 



VPM Operational Model 
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Infrastructure 



A server environment using Vulnerability and Patch Management Pack consists of the 
following components: 

• Vulnerability and Patch Management Pack 

• HP SIM 

• Target systems 

• VPM Acquisition Utility (installed on a separate system, optional) 

Vulnerability and Patch Management Pack and HP SIM can be installed together on a single server 
(referred to as a shared configuration), or each component can be installed on a separate server 
(referred to as a distributed configuration). 

IMPORTANT: For this release, both Vulnerability and Patch Management Pack and HP SIM must be 
operating on a Microsoft® Windows® server. 



Shared server configuration 



In a shared server configuration, Vulnerability and Patch Management Pack and HP SIM are installed 
on the same server. The following figure depicts a shared server configuration, in which the VPM 
server has Internet access to obtain patch and vulnerability updates. 
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The following figure depicts a shared server configuration, in which the VPM Acquisition Utility is u 
to obtain patch and vulnerability updates from the patch update sources. 



VPM Acquisition Utility (optional) 




Target Systems 

( , Wind ows an d f\L i n u x) 
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Distributed server configuration 

In a distributed server configuration, Vulnerability and Patch Management Pack and HP SIM are each 
installed on a different server. A distributed server configuration can be beneficial in situations where 
the hardware limitations of the HP SIM server do not allow Vulnerability and Patch Management Pack 
to function efficiently on the HP SIM server. 

The following figure depicts a distributed server configuration, in which the VPM server has Internet 
access to obtain patch and vulnerability updates. 
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The following figure depicts a distributed server configuration, in which the VPM Acquisition Utility is 
used to obtain patch and vulnerability updates from patch update sources. 
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The Vulnerability and Patch Management Pack 
interface 

Vulnerability and Patch Management Pack vulnerability information appears in the VPM column of the 
HP SIM console, shown circled in the following figure. Initially, the icon depicted in the column 
displays Vulnerability and Patch Management Pack eligibility information for the target system in the 
specific row. After target servers are licensed and a vulnerability scan is performed, the column 
displays the combined status of the last vulnerability scan on the target system (patch status does not 
appear in the column). Click the icon to display detailed information about the system status with 
regard to Vulnerability and Patch Management Pack. 



HP Systems Insight Manager 
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The VPM column displays one of the following color-coded icons. 
Table 1 Vulnerability and Patch Management Pack icons 



Icon 


Status 


Risk assessment 


© 


Critical vulnerabilities have been detected. 


High 


T 


Major vulnerabilities have been detected. 


Medium 


A 


Minor vulnerabilities have been detected. 


Low and warning 


© 


No vulnerabilities have been detected. 


None 


@ 


The Unknown icon might appear for the following reasons: 


Unknown 


• Vulnerability and Patch Management Pack cannot access the system because 
proper authentication information was not provided. 

• The system is either not supported or connected. 

• Vulnerability and Patch Management Pack cannot access the system registry or 
file system. 
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Table 1 Vulnerability and Patch Management Pack icons 



Icon Status Risk assessment 

0 This system is available for licensing, but Vulnerability and Patch Management Pack Unknown 
cannot run for the following reasons: 

• Vulnerability and Patch Management Pack is not installed. 

• The system is not licensed. 

• The system is licensed, but a scan has not yet been performed. 

No Vulnerability and Patch Management Pack cannot be licensed on this system. Unknown 
icon 



Click any status icon to display additional information for the system. Clicking the normal, minor, or 
major icon opens a new informational page where the last scan results for the system can be 
accessed. A new scan can also be launched from this page. 
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Clicking the Unknown icon for a system displays an explanatory page listing possible reasons why 
status is not available for the system and options to enable Vulnerability and Patch Management 
Pack. 
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Requirements 



This section lists the hardware and software required for each component in the Vulnerability and 
Patch Management Pack environment. 

A Vulnerability and Patch Management Pack environment consists of the following components: 

• Vulnerability and Patch Management Pack 

• HP SIM 

• VPM Acquisition Utility (optional) 

• Target systems 

Vulnerability and Patch Management Pack and HP SIM can each be installed on a separate server or 
together on one server, if the following requirements are met for the server on which each component 
resides. 

Vulnerability and Patch Management Pack 

The VPM server, the server on which the Vulnerability and Patch Management Pack software is 
installed, must meet the following hardware and software requirements. Requirements listed for the 
VPM server are independent of requirements for HP SIM and any other applications that coexist on 
the VPM server. For specific hardware and software requirements for the HP SIM server, see the HP 
Systems Insight Manager Installation and Configuration Guide. 



Table 2 Hardware requirements 



Component 


Specification 


Any HP x86 




server 




Memory 


At least 51 2 MB RAM 


Processor 


1 .5 GHz or higher 




1 GB for Vulnerability and Patch Management Pack (1 50 MB in the TEMP directory for 


Disk space 


installation) 




Additional space for scan reports and patches 


File structure 


New Technology File System (NTFS) 


DVD-ROM drive 
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Table 3 Software requirements 



Component 


Specification 




Microsoft Windows 2000 Server SP4 




Windows 2000 Advanced Server SP4 


Operating 
system (32-bit 
versions only)* 


Microsoft Windows Server™ 2003, Standard Edition SP1 


Windows Server 2003, Enterprise Edition SP1 




Windows Server 2003, Web Edition SP1 




Windows® XP Professional SP2 


Services 


Microsoft Internet Information Services (IIS) 5.0 or later, installed and running** 


T/^D /ID *iL PvkIC 1 £• J iL i i L 1 J i ID JJ 

ILr/lr, with DNb properly contigured so that system names can be resolved to Ir addresses 


Database 


An existing Microsott b(JL berver database can be used, or Microsott Data engine (MoDb) will 
be installed on the VPM server with the Vulnerability and Patch Management Pack installation. 
When changing databases during an upgrade, patch data from the previous database is not 
migrated. A full patch acquisition must be performed to repopulate the patch repository. 


Applications 
(must be 


HP SIM 5.1 or later, installed on a Windows server with Windows Management Interface 
(WMI) Mapper 


available on 
the network) 


Mozilla Firefox 2.0 or Microsoft Internet Explorer 6.0 or 7.0 


Adobe® Acrobat® Reader 3.x or later (to view scan results) 


*HP SIM might have additional restrictions for supported service pack levels. 



**HP strongly recommends enabling HTTPS if HP SIM and Vulnerability and Patch Management Pack are 
installed on separate servers. For information about configuring HTTPS service in IIS, see 
http://support.microsoft.com/?kbid=324069 . 



Systems Insight Manager 

HP SIM 5.1 or later must be installed on a Windows server. This release of Vulnerability and Patch 
Management Pack does not support an HP SIM console operating with a Linux or HP-UX operating 
system. 
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VPM Acquisition Utility (optional) 

The VPM Acquisition Utility can be installed on a system with Internet access to acquire patch 
information and patch files from selected vendor websites. This utility allows patch acquisitions and 
vulnerability updates without requiring the VPM server to be directly connected to the Internet, thereby 
reducing potential security risks. No other Vulnerability and Patch Management Pack components or 
database software are required to be installed on the system to download vulnerability and patch 
updates. 

Table 4 lists the minimum requirements for the system on which the VPM Acquisition Utility is installed. 



Table 4 VPM Acquisition Utility requirements 



Component 


Specification 


Memory 


At least 256 MB RAM 


Processor 


1 .5 GHz or higher 


Disk space 


12 MB 


Available space for downloading vulnerability patches 


Internet access (for 


downloading vulnerability patches) 




Windows 2000 Server SP4 




Windows 2000 Advanced Server SP4 


Operating system 
(32-bit versions 
only) 


Windows 2000 Professional 


Windows Server 2003, Standard Edition SP1 


Windows Server 2003, Enterprise Edition SP1 




Windows Server 2003, Web Edition SP1 




Windows XP Professional SP2 



Target systems 

Target systems are managed by Vulnerability and Patch Management Pack. HP recommends installing 
HP Management Agents on ProLiant target systems to allow HP SIM to better identify the target 
systems. Enable WMI or Web-Based Enterprise Management (WBEM) for other target systems. The 
VPM Patch Agent is automatically deployed when target systems are licensed to allow patches to be 
applied to the systems. 

Secure Shell (SSH) must be installed on Linux target systems. 

For a list of supported target systems, see the HP ProLiant Essentials Vulnerability and Patch 
Management Pack Support Matrix. 
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Installation and configuration 



This section provides detailed instructions to perform a first-time installation of Vulnerability and Patch 
Management Pack and the initial configuration steps necessary for use. 



Vulnerability and Patch Management Pack is installed by default in the C:/Program Files/HP/VPM 
directory. During the Vulnerability and Patch Management Pack installation, you can either accept this 
default directory or designate another installation location. 



Configuring Microsoft Internet Information Services 



Microsoft Internet Information Services (IIS) 5.0 or later must be installed on the intended VPM server 
to successfully install and use Vulnerability and Patch Management Pack. HP strongly recommends 
enabling HTTPS if HP SIM and VPM are installed on separate servers. 

For information about configuring HTTPS service in IIS, see http://support.microsoft.com/ 



Installing Vulnerability and Patch Management 



These instructions assume that all hardware and software requirements have been met. Before 
attempting to install Vulnerability and Patch Management Pack, see the "Requirements" section to 
verify that all requirements have been met. 

HP SIM will be restarted after the Vulnerability and Patch Management Pack installation. 

NOTE: This installation might take up to 7 minutes depending on the speed of the server. 

Before installing Vulnerability and Patch Management Pack, the following components must be 
installed, properly configured, and running: 

• IIS 5.0 or later 

• HP SIM 5.1 or later with WMI Mapper 

Be sure to have the following items available before beginning the Vulnerability and Patch 
Management Pack installation. 

• Location and credentials for HP SIM (user name, password, and domain) 

• Credentials for the local server, if installing on other than HP SIM server 

• Credentials for the Microsoft SQL Server database, if an existing SQL Server database will be 



Installation location 



?kbid=324069. 




used 
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Installing from the Insight Control Management DVD 

1. Insert the Insight Control Management DVD into the DVD-ROM drive of the intended VPM server. 
An autorun menu appears. 

2. Read the license agreement. Click Agree. 



HP Insight Control Management 



The following products are available on the HP Insight Control Management DVD and are subject to the License Agreement below 



HP Systems Insight Manager 

HP BladeSystem Integrated Manager 

HP Insight Power Manager 

HP Extensions for SIM Windows 

HP ProLiant Essentials Rapid Deployment Pack 

HP ProLiant Essentials Virtualization Management Software 

HP ProLiant Essentials Vulnerability and Patch Management Pack 

HP ProLiant Essentials Performance Management Pack 



HP System Management Homepage 

HP Version Control Repository Manager 

HP Open Sen/ice Event Manager 

HF -jef.ice E???-: s \ z demote Support Pack 

HP ProLiant Essentials Workload Management 

HP Insight Management MIBs 

HP Provisioning and Reccsiv = .;:i-* 



Please agree to the License Agreement to continue. 

HP Insight Control Management DVD 

ProLiant Essentials Software - End User License Agreement 

Pease read this End User license Agreement ("Agreement*) carefully. This Agreement is a ega! agreement between you [ether an "ndvidual or 
snge enfty, such as one company) ["You") and Hewlett-Packard Company ["HP"). By ciclong the "Agree" button below, copying, insfalng, or 
otherwise using the software ctstributed under this Agreement ("Software"), (j) You do so with fhe'ntent to electronically 'execute'' this Agreement, 
and (ii) You agree to be bound by and comply with the folbwing terms and condions, inducing the warranty statement, as well as any terms and 
condfons contained in the ["An ciliary Software L censes") as defned be aw. 



If You do not agree to the terms and condf ons of th"s Agreement, (a) Yol may "ndcate reecfon of this Agreement by cickng the "Ds agree" 
button, lb] Yol sha nct'nsta the Software, and [c) You may not use the Software. If You purchased the Software, You may return the Softwan 
to the place of purchase for a full refund. Notw'thstandng the foregdng, instalng or otherwise using the Software indcates Your acceptance of thi 
terms and condfons of ffis Agreement. 

1^ 



3. Under Vulnerability and Patch Management Pack, click Install. 



> HP Insight Control Management 



1M Insight Control Management 



» IVu Inerab i I ity. aiid ...Patch LI an a q e m e n t JP a.c ^ 



Foundation Management Products 

■ HP Systems Insight Manager 

■ HP BladeSystem Integrated Manager 

■ HP Insight Power Manager 

■ Rapid Deployment Pack 

■ Performance Management Pack 

■ Vulnerability and Patch Management 
Pack 

Server Management Options 

■ Provisioning and Recover/ Pack 

■ Virtualization Management Software 

■ Workload Management Pack 

Additional HP Management Tools 

■ System Management Homepage 

■ Version Control Repository Manager 

■ Extensions for SIM Windows 

■ Insight Management MIBs 

Additional HP Service Tools 

■ Open Sen/ice Event Manager 

■ HP Se^rvice Essentials Remote 
Support Pack 



Updated 5 free licenses! 

Vulnerability and Patch Management Pack (VPM) integrates and simplifies the assessment and 
remediation of operating system vulnerabilities into HP Systems Insight Manager for Windows and Linux 
platforms. Use of VPM is the recommended step to complete a deployment. 

Powered by Harris STAT® Scanner (the only Common Criteria Certified scanner), VPM covers 
vulnerabilities reported in all leading vulners: : . .::s:s::ases and can automatically collect and apply new 
vulnerability update? and :st::hss directly from vendor sources 



Explore DVD... 



Server Management Options 

s ProLiant Essentials Provisioning and Recovery Pack 1.0 New 

An extension to HP Systems Insight Manage that delivers policy-based management to automate server 
provisioning and recovery for HP BladeSystem infrastructures IT organizations can use this flexible 
solution to create adaptive environments that respond quickly to change and business needs.br> The 
Provisioning and Recovery Pack enables IT Administrators to create policies that rapidly deploy 
m: i.- : r : =;:? ss-.srs -rr: er- =- ::" activity to network and storage resources as a 

single automated process Recovery policies allow the availability of problematic or unreachable blade 
servers to be restored quickly and predictably, with flexible options that include automated system 
reboot and recovery to a spare blade server. 



Virtualization Management Software 2.1 5 free licenses! 

Looking to deploy virtualization technology? Get the most out of server virtualization by unifying the 
management and migration of physical and virtual server resources from HP Insight Systems Manager 
Virtual Machine Management Pack (VMM; provides central management and control of VMware and 
Microsoft virtual machines Server Migration Pack (SMP; automates the manual processes required for 
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4. At the welcome screen, click Install. 



:_ Vulnerability and Patch Management Pack setup 



oliant Essentials 

f u nerability and Patch Management Pack 




| Welcome to the Vulnerability and Patch Management Pack setup 

Install 

Important: Read and understand all installation prerequisites before continuing. Refer to the installation information included 
in the HP ProLiant Essentials Vulnerability and Patch Management Pack User Guide for more information. 



Install 



5. At the Software Selection screen, select Vulnerability and Patch Management Pack, and click 
Next. 
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£ Vulnerability and Patch Management Pack setup 






Proliant Essentials 

Vulnerability and Patch Management Pack 

1 1 V 1 1 1 







| Software Selection 



Select the software component you would like to install, and click Next. 



Component Name 


Required Disk Space 


<* Vulnerability and Patch Management Pack 


1 Gb 


r VPM Acquisition Utility. 

Install this component on a system outside the firewall to acquire vulnerability and patch 
updates. Use this only if the VPM server cannot access the Internet directly to get updates. 


12 Mb 




6. Review the requirements, and click Next. 
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ty and Patch Management Pack 



Warning 

Caution! The VPM installation will not he successful if you have not completed the following: 

1. Be sure to know the following: 

• Location and credentials for HP SIM (username, password, and domain) 

• Credentials for the local server, if installing on other than the HP SIM server 

• Database credentials for existing Microsoft SQL Server (Optional) 

2. Be sure the following items are installed and running: 

• HP SIM 5.1 or later 

• Windows Management Instrumentation (WMI) Mapper 

• Microsoft Internet Information Services (IIS) 5.0 or later 

3. The following are required to use VPM and view scan results: 

• Firefox 2.0 or Microsoft Internet Explorer 6.0 or 7.0 

• Adobe® Reader 3.x or later 



< Prev 




Next> 




Cancel 



7. If this is an upgrade installation, be sure that all Vulnerability and Patch Management Pack 
functions are stopped and that no Vulnerability and Patch Management Pack events are 
scheduled to run in the next 20 minutes. Click Yes to proceed. 



Vulnerability and Patch Management Pack setup 



VPM is already installed. Before upgrading, be sure that all VPM h.r i i ipped a hat no VPM r duled n the next minutes. Ii us update will shutdown 

background VPM services, Do you want to proceed with an upgrade? 



1 & I 



8. Enter the HP SIM account credentials, and click Next. 



NOTE: This information is entered automatically for an upgrade installation. 
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Vulnerability and Patch Management Pack setup 



W^fin% Prolisi 

mSEM vuit 



nerabilrly and Patch Management Pack 




HP Systems Insight Manager Credentials 



Important: Be sure to use an account that has Administrative privileges in HP SIM. This account must also be in the system 
local Administrators group. 

Specify your account credentials and the HP SIM server where Vulnerability and Patch Management Pack will be installed. 
This account information will be used for HP SIM access and Vulnerability and Patch Management Pack service registration. 
Click Next to continue. 



User name: (Administrator 
Password: 

User domain: |PVA3 



< Back Next> Cancel 




9. If Vulnerability and Patch Management Pack is installed on a separate server from HP SIM, enter 
the user credentials under which Vulnerability and Patch Management Pack will be installed. 



NOTE: This information is entered automatically for an upgrade installation. You can only modify 
the password field. 
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I Vulnerability and Patch Management setup 



HBO 



Proliant Essentials 



Vulnerability and Patch Management Pack 



VPM Server Credentials 



Specify your account credentials for this server where VPM is being installed. Click Next to continue. 



Account Credentials 

VPM Server 
Name: 



Jjapurt 



User name: |Administrator 

Password: | 

User Domain: [jAPURA 



< Back 




Next> 





Cancel 




10. Specify the database type to use for storing your patch database, and click Next. An existing 
SQL Server database can be used, or MSDE can be installed on the VPM server. 

o If you select a SQL Server database, enter your database credentials when prompted. The 
SQL Server database can be accessed using either of the following authentication methods: 

— Windows authentication— The provided credentials must match a Windows account 
configured with privileges to access the database. The database must be configured to 
accept Windows authentication. 

— SQL Server authentication— The provided credentials must match a SQL Server account 
configured with privileges to access the database. The database must be configured to 
accept SQL Server authentication. 

To use Windows authentication, select the Connect using Windows authentication checkbox. 
Otherwise, SQL Server authentication is used. For information about configuring 
authentication for your SQL Server database, see the Microsoft SQL Server documentation. 

If you select MSDE, and an existing installation of MSDE or files used by MSDE is not current, the 
server reboots after updated files are installed. Restart the Vulnerability and Patch Management Pack 
installation from the Insight Control Management DVD. 



NOTE: The database software is used internally by Vulnerability and Patch Management Pack. No 
user-accessible data exists in this database. 
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Database Configuration 



Specify the database type to use for storing your patch database. To use Microsoft SQL Server 2000, it must be pre-installed. 
If Microsoft SQL Server Desktop Engine (MSDE) is selected, it will be installed on the VPM Server. 



| ©Use existing Microsoft SQL Server C Install MSDE 

User name: |Adrninistrator 
Password: 

Host: |TAQUATINGA 

Port: f\433 
I - Connect using Windows authentication 



< Back Next> Cancel 



11. Specify the installation directory or accept the default directory. 



NOTE: If this is an upgrade installation, the installation directory cannot be changed. 

12. Click Install at the Typical Install Summary screen to install the Vulnerability and Patch 
Management Pack software. 

13. Click Next when the Vulnerability and Patch Management Pack installation completes. 
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Vulnerability and Patch Management Pack setup 



iliant Essentials 



Vulnerability and Patch Management Pack 



Typical Install - Summary 



Selected Component(s): 


Installation Status: 


Vulnerability and Patch Management Pack 

Install Vulnerability and Patch Management Pack 


Success. 



Next> 




14. Click Finished. The HP SIM service is restarted and Vulnerability and Patch Management Pack is 
available for use. 



.£ Vulnerability and Patch Management Pack setup 



oliant Essentials 

u nerability and Patch Management Pack 




Installation was successful 



Commonly missed post install configuration steps 

VPM operations will not be successful if you do not complete the following. Details on how to complete these and other 
configuration items can be found at the Help -> Getting Started menu in HP SIM. 

1. Configure Global or System Protocol Settings to enable access to target systems. 

2. Configure VPM to acquire updates from the internet or import from a local repository. 

3. Acquire the latest Vulnerability and Patch Management Pack updates. 



Finished 
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Installing from the VPM download website 

1. After downloading the Vulnerability and Patch Management Pack from the VPM download 
website, double-click setup.exe to start the installation. 

2. See steps 4 through 14 in the previous section to complete the installation. 

Installed Vulnerability and Patch Management Pack 
components 

Vulnerability and Patch Management Pack installs the following items on the VPM server during 
installation under Start>Programs>HP Vulnerability and Patch Management Pack: 

Change VPM Credentials 

Uninstall VPM 

VPM Quick Setup Poster 

VPM Release Notes 

VPM Support Matrix 

VPM User Guide 

Vulnerability and Patch Management Pack installs the following menu items to the HP SIM toolbar 
during installation: 

• Options>Vulnerability and Patch Management 
o Acquire Updates 

o Settings 



EsI HP Systems Insight Manager 
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Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Optimize ▼ Reports ▼ Tasks & Logs 
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System Overview 



0AII Systems 
i All Events 



■ Systems 
_l Private 
_l Shared 
Events 
J Private 



I Events by Severity 



] 



Acquire Updates,, 
Settings,.. 



Discovery,,. 
Events 
Status Polling 
Security 

Protocol Settings 

Cluster Monitor 

System Properties 

Data Collection... 

First Time Wizard,., 

Home Page Settings,,. 

Identify Systems.,. 

Manage System Types, . , 

Remove a Tool... 

Version Control Repository, . , 

Vulnerability and Patch Management 



Diagnose>Vulnerability and Patch Management 
o Scan 

— Customize scan 

— Scan for Vulnerabilities 

— View Results by Scan Name 

— View Results by System 

o View Patch Installation Status 

— View by Patch 

— View by Search Filter 
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- View by System 

— View Patches Installed by VPM 
o View Patch Reboot Status 

o View Patch Repository 
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User: administrator 
Home | Sign Out 




Configure ▼ Diagnose ▼ Opt 
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Event Monitoring Service 
Ping... 

Vulnerability and Patch Management 



View By Patch,., 
View By Search Filter,. 
View By System... 



Scan 

View Patch Installation Status 
View Patch Reboot Status. , . 
View Patch Repository. . . 



Customize Scan.,. 
Scan for Vulnerabilities 
View Results by Scan l\ 
View Results by Systen 



Deploy>Vulnerability and Patch Management 

o Patch without a Scan 

o Patch-Fix Based on a Scan 

o Remove Patch 

o Validate Installed Patches 

o VPM Patch Agent 
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Deploy- Configure ▼ Diagnose ▼ Optimize ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help-' 



Software Distributor 
RPM Package Manager 
Deploy Drivers, Firmware and Agents 
License Manager 

Virtual Machine Management Pack 
Vulnerability and Patch Management 



Patch without a Scan. . . 
Patch-Fix Based on a Scan, . 
Remove Patch.,. 
Validate Installed Patches.,. 
VPM Patch Agent... 
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0 All Systems 

1 All Events 



■ Systems 

_l Priuate 

_l Shared 
B Euents 

_l Priuate 

B Shared 
Q Events by Severity 



] 
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Vulnerability and Patch Management Pack upgrades 



New versions of Vulnerability and Patch Management Pack are automatically installed over a 
previous version. Any scheduled tasks, scan reports, and patch updates are retained. Vulnerability 
and Patch Management Pack supports installation with an existing SQL Server database. However, 
patch data from a previous database is not migrated. A full patch acquisition must be performed to 
repopulate the patch repository. 

For detailed information about a particular version, see the release notes. 

For more information, critical updates, and the latest version of the software, click Download at 
http:/ / www.hp.com/ go/ vpm . 

Vulnerability scan definitions are updated frequently as new information about security issues is made 
available. Sign up for e-mail notifications of vulnerability definition updates or Vulnerability and Patch 
Management Pack updates at http:/ / www.hp.com/ go/ swupdate . 

Installing the VPM Acquisition Utility (optional) 

If your VPM server is not directly connected to the Internet, the VPM Acquisition Utility can be installed 
on any system with Internet access to acquire vulnerability and patch updates. 

Hir IMPORTANT: In both a distributed and shared configuration, the VPM Acquisition Utility cannot be 
installed on the VPM server or the HP SIM Central Management System (CMS). 

To install the VPM Acquisition Utility: 

1. Insert the Insight Control Management DVD into the DVD-ROM drive of the system where patch 
and vulnerability updates will be obtained. An autorun menu appears. 

2. Read the license agreement. Click Agree. 

3. Under HP ProLiant Essentials Vulnerability and Patch Management Pack, click Install. 

4. At the welcome screen, click Install. 

5. At the Software Selection screen, select VPM Acquisition Utility, and click Next. 
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□liant Essentials 
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Software Selection 



Select the software component you would like to install, and click Next. 



Component Name 


Required Disk Space 


C Vulnerability and Patch Management Pack 


1 Gb 


(+" VPM Acquisition Utility. 

Install this component on a system outside the firewall to acquire vulnerability and patch 
updates. Use this only if the VPM server cannot access the Internet directly to get updates. 


12 Mb 



< Back 




Next> 




Cancel 



6. Click Next. 



Setup - VPM Acquisition Utility 



□SB 



Welcome to the VPM Acquisition 
Utility Setup Wizard 

This will install VPM Acquisition Utility 2.00 on your computer. 



Click Newt to continue, or Cancel to exit Setup. 




Newt > 



Cancel 



7. Specify the installation directory or accept the default directory, and click Next. 

Installation and configuration 



8. 

1 



Specify the Start Menu folder or accept the default folder, and click Next. 



Setup - VPM Acquisition Utility 



Select Start Menu Folder 

Where should Setup place the program's shortcuts? 

Setup will create the program's shortcuts in the following Start Menu folder. 

To continue, click Newt. If you would like to select a different folder, click Browse. 
| JJdiiiliB!BI5[IBBIIllll[H Browse... 





< Back Newt > Cancel 



9. Select whether to create a desktop icon and quick launch icon for the VPM Acquisition Utility, 
and click Next. 
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1 "o Setup - VPM Acquisition Utility 




Select Additional Tasks 

Which additional tasks should be performed? 




Select the additional tasks you would like Setup to perform while installing VPM 
Acquisition Utility, then click Newt. 


Additional icons: 




1" [Create a desktop icoH 




1" Create a Quick Launch icon 






< Back J Newt > 


Cancel 




10. Review the installation details. Click Back to change any settings, or click Install to begin 
the installation. 
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Setup - VPM Acquisition Utility 



Ready to Install 

Setup is now ready to begin installing VPM Acquisition Utility on your computer. 




Click Install to continue with the installation, or click Back if you want to review or 
change any settings. 



Destination location: 

C:\Program Files\HP\VPM Acquisition Utility 






Start Menu folder: 

VPM Acquisition Utility 






Additional tasks: 
Additional icons: 
Create a desktop icon) 













< Back 



Install 



Cancel 



11. When the installation is complete, select whether to launch the VPM Acquisition Utility, and cl 
Finish. 



Setup - VPM Acquisition Utility 



mm 



Completing the VPM Acquisition 
Utility Setup Wizard 



Setup has finished installing VPM Acquisition Utility on your 
computer. The application may be launched by clicking the 
installed icons. 

Click Finish to exit Setup. 



Finish 
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Post-installation configuration 

1. Log in to HP SIM from an account with administrator privileges. 



NOTE: An administrator can add new users and set up existing users to access Vulnerability and 
Patch Management Pack. For instructions, see the HP Systems Insight Manager Installation and 
Configuration Guide. 




Eg IMPORTANT: This configuration step must be completed for Vulnerability and Patch Manaqement 
Pack to function properly. 

2. Select Options>Protocol Settings>Global Protocol Settings, and configure the WBEM credentials 
to enable access to target systems using one of the following options. 

o Configure settings for the \user account if Vulnerability and Patch Management Pack is 
located on the HP SIM server 

o Configure settings for the DOMAIN\user account if Vulnerability and Patch Management 
Pack is on a separate server. 

3. Enter the Windows administrator account credentials in the Default 1 field and Red Hat 
administrator group credentials in the Default 2 field. For systems with individual settings, 
configure WBEM credentials using the System Protocol Settings. For information, see the 
"Troubleshooting" section. 

4. Click OK. 
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HP Systems Insight Manager 



User: administrator 
Home I Sign Out 



B| Tools t Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options t Help 1 
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Uncleared Event Status 



Configure default, system wide protocol settings 




Default WBEM settings 

0 Enable WBEM 



Confirm password: 



0 All Systems 
a All Events 



Default 1 : 
Default 2: 
Default 3: 
Default 4: 



systems 
Pi iYnrte 



v Default 5: 



administrator 



a 



5. Perform an automatic discovery to locate and identify target systems in the network that can be 
used with Vulnerability and Patch Management Pack. For information about performing a 
discovery and other basic HP SIM tasks, see the HP Systems Insight Manager Installation and 
Configuration Guide. 



Establishing security 



HP recommends the following actions to ensure security on the VPM and HP SIM servers: 

• Restrict the number of local users 

• Restrict or remove remote users 

• Enable high security measures, such as audit logging and enhanced password restrictions 

• Remove remote shares when possible 



Modifying the Vulnerability and Patch Management Pack 
settings 

1. Select Options>Vulnerability and Patch Management>Settings. 

2. Select the source where patch and vulnerability updates will be obtained. 

o If the VPM server has direct Internet access, select Acquire updates from Internet to use the 

VPM server to obtain updates. If you use a proxy server, select the appropriate checkbox, 
and enter your configuration information. If the proxy requires authentication, select the 
appropriate checkbox, and enter your user credentials. Only basic (not encrypted) 
authentication is supported. 
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If the VPM server does not have Internet access, select Acquire updates from local repository 

to use the VPM Acquisition Utility on another system with Internet access to acquire updates. 
The update files can either be manually relocated to the VPM server or accessed from the 
network. Designate the directory path where the update files will be located in the Source 
path field. If necessary, enter user credentials to access the designated directory. The VPM 
server must have read access to the designated directory. 

IMPORTANT: A patch acquisition must have already been run using the VPM Acquisition 
Utility and saved to the designated directory before this step can be completed 
successfully. For information, see the "Acquisitions using the VPM Acquisition Utility" 
section. 
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System Overview 



HI All Systems 
I All Events 



Systems 

_l Private 

D Shared 
1 Events 

B Private 

B Shared 

_l Events by Severity 
_l Login Events 
_lseiviee Events 
J VPM Events 



Acquisition settings 

Acquire updates from Internet 
Acquire updates from local repository 



Source path: C: ''Program Files'iHP\V'PM'radia''Jrtegrat!orib:erverWata 



User Name: Q 



' Help ' Debug ' 



1 The import scarce directory contains the local repository acquired using the VPM Acquisition Utility: The VPM 

server must have read access. 
1 ,.4 domain for the usernarne may he needed when the directory is a network share. Use the format BOMA!N\jdoe. 



3. Click Apply. 
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Configuring Vulnerability and Patch Management Pack 
acquisition for Red Hat Enterprise Linux 

If Red Hat patch acquisitions will be run, configure Red Hat Enterprise Linux acquisition settings: 

1. Verify the Red Hat library, compat-libstdc++, is installed on all Red Hat target systems. 

2. Verify that each Red Hat target system to be patched has a valid subscription and license for the 
Red Hat Network, which are required for patch acquisitions. For information about subscribing 
to the Red Hat Network, see http://www.redhat.com . 

3. Log in to a Red Hat Enterprise Linux 2.1, 3, or 4 server as root. 

4. Execute the following command: rhn_register 

5. Select Existing, and enter your user credentials. 

6. Enter a unique profile name for this machine (such as the IP address or host name). 

7. Exit the rhn_register application without applying any patches to the system. 

8. Copy the file created by the rhn_register tool from /etc/sysconfig/rhn/systemid to 
C:\Program Files\HP\VPM\radia\lntegrationServer\etc. 

9. Rename the systemid file to reflect the appropriate Red Hat distribution. 

o If the system that created the systemid file was running Red Hat Enterprise Linux 4 ES, 
rename the file "redhat-4es.sid." 

o If the system that created the systemid file was running Red Hat Enterprise Linux 3 ES, 
rename the file "redhat-3es.sid." 

o If the system that created the systemid file was running Red Hat Enterprise Linux 2.1 ES, 
rename the file "redhat-2.les.sid/' 

o If the system that created the systemid file was running Red Hat Enterprise Linux 4 AS, 
rename the file "redhat-4as.sid." 

o If the system that created the systemid file was running Red Hat Enterprise Linux 3 AS, 
rename the file "redhat-3as.sid." 

o If the system that created the systemid file was running Red Hat Enterprise Linux 2.1 AS, 
rename the file "redhat-2.las.sid/' 

Acquiring Vulnerability and Patch Management Pack updates 

Vulnerability and Patch Management Pack provides an acquisition utility that connects to the selected 
vendor website, downloads patch information and patch files, and places this information in the 
Vulnerability and Patch Management Pack database. Acquisitions can be run either from the VPM 
server in situations where the VPM server has direct access to the Internet or using the VPM 
Acquisition Utility installed on another system. 

After Vulnerability and Patch Management Pack is installed for the first time, complete a patch 
acquisition to update the information in the Vulnerability and Patch Management Pack database. 
Also, perform patch acquisitions on a regular basis to obtain new vulnerability scan definitions and 
patches, ensuring that Vulnerability and Patch Management Pack is always up to date with the latest 
security information. 
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Acquisitions from the VPM server 



IMPORTANT: If a proxy is used to connect to the Internet, proxy settings must be configured to 
acquire updates. For information, see the "Modifying the Vulnerability and Patch Management Pack 
settings" section. 

IMPORTANT: Do not schedule patch acquisition tasks to run while vulnerability scans are running. 
Patch acquisition tasks cause vulnerability scans to abort. 

1. Select Options>Vulnerability and Patch Management>Acquire Updates. 

2. Select one or more sources from which to acquire patch updates, and click Next. 

NOTE: HP updates and vulnerability scan definition files are always automatically downloaded. 



r 
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User: administrator 
Home | Sign Out 
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Acquire Vulnerability and Patch Updates 

Acquire/lmport vulnerability and patch updates 

Step 1: Select one or more update sources 



System Status 


□ 


Legend... 


Customize... 
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Advanced Search... 






Customize... 


System Overview 


All Systems 




HI All Events 





B 

U 



_l Private 
D Shared 
Events 
Private 
Shared 
Events hy Sevei rty 
Login Events 
Sei vite Events 
VPM Events 



[^1 Microsoft patches 
~2 Red Hat patches 




Harris vulnerability scan definitions and VPM patch agent updates are a/ways included as part of the update. 
If your site requires the use of a proxy/, configure proxy information under Options -> Vulnerability and Patch 
Management -> Settings 

The first acquisition that is run can take quite a bit of time. Subsequent acquisitions will get updates only, and 
will be much quicker. 



3. Select the appropriate operating systems or platforms and platform related applications, and 
click Next. 
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Acquire Vulnerability and Patch Updates 

Acquire/Import vulnerability and patch updates 

Step 2: Select one or more operating systems or platform related applications 




* 



S All Systems 
I All Events 



■ Systems 

B Private 

D Shared 
3 Events 

B Private 

B Shared 

_l Events by Severity 
_l Login Events 
B Service Events 
J VPH Events 



[^1 Windows 

7\ Wndows 

[^1 Wndows 

7\ Wndows 

7\ Wndows 

/\ Wndows 

7\ Wndows 

7\ Wndows 

|] Wndows 

|] Wndows 



Server 2003, Standard Edition 

Server 2003, Enterprise Edition 

Server 2003, Web Edition 

2000 Professional 

2000 Server 

2000 Advanced Server 

Server 2003 for Small Business Server 

XP Professional 

Small Business Server 2000 

Small Business Server 2003 



- 



4. Select the appropriate languages for the required patches, and click Schedule. 
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Advanced Search... 






Customize... 


System Overview 
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Systems 
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Events 




J Private 
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User: administrator 
Home | Sign Out 



Acquire Vulnerability and Patch Updates 

Acquireyimport vulnerability and patch updates 

Step 3: Select the languages for the required patches 



[^1 English 

] French 

] German 

□ Italian 

~2 Spanish 



Schedule I Hun Now 



5. Schedule a suitable time to acquire daily Vulnerability and Patch Management Pack updates. 
Updates might not be available daily, but scheduling the event daily ensures that critical updates 
are obtained promptly. Updates to scan definitions usually follow a few days after new patches 
are released. 

6. Select the Run now checkbox to run the initial patch acquisition, and click Done. The first update 
process after the initial software installation can take up to 15 minutes or longer, depending on 
the number of patch sources selected and the quantity of updates available from each source. 
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Acquire Vulnerability and Patch Updates 

Target: cuiaba 




:tJwi' 0 i- 



El All Systems 
I All Events 



Systems 
Pi ivate 

Q Shared 
3 Events 

B Private 

B Shared 

_l Events l>y Severity 
_l Login Events 
_l Service Events 



Step 4: Schedule Task 



Task limine: Acquire Updates 1 



When would you like this task to run? 

0 Periodically 

O ° nce 

Not scheduled 



In addition: 

I | Run when the central management server is started 

[^1 Run now 



Refine schedule: 



Every 1 



i[y] at |l2:48 | PM [v"| 

□ Run until |l1/30/D5 | at |l2:4S | PM~]v\ 
I | Run a maximum of |l | time(s) 

□ Use time filter: 



Disable this task 



Progress of the acquisition can be monitored at C:\Program Files\HP\VPM\Radia\lntegrationServer\ 
logs\patch-acquire.log. 



NOTE: The acquisition event might contain raw HTTP error codes, which must be decoded to 
determine their cause. To decode HTTP error codes, see 

http://www.w3.orq/Protocols/ rfc261 6/ rfc261 6-secl O.html or the IIS help pages located at 
C:\WINNT\Help\iisHelp\common on a system where IIS is installed. 



Acquisitions using the VPM Acquisition Utility 

The VPM Acquisition Utility can be run from any system with Internet access to download patch 
information and patch files from selected vendor websites. This information can then be imported to 
the VPM server in the Vulnerability and Patch Management Pack database. 

To run the acquisition tool, the VPM Acquisition Utility must be installed on the selected system. To 
install this component, see the "Installing the VPM Acquisition Utility (optional)" section. 

To configure and use the VPM Acquisition Utility to acquire patch and vulnerability updates: 

1. Access the VPM Acquisition Utility from the selected system. 

2. Select one or more sources from which to acquire patch updates, and click Next. 

NOTE: HP updates and vulnerability scan definition files are always automatically downloaded. 



NOTE: Patch acquisitions performed using the VPM Acquisition Utility cannot currently be scheduled. 



NOTE: Steps 1 through 7 are only necessary the first time the VPM Acquisition Utility is used. This 
information is retained for future use, with the option to modify the information each time the utility 
is run. 
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# VPM Acquisition Utility 



Acquire Vulnerability and Patch Updates 

Description: Acquire vulnerability and patch updates. 



^jn|x| 
? 



Step 1: Select one or more update sources 



r 


Update Sources 




Microsoft patches 


\_n_ 


Red Hat patches 



Notes: 



• Harris vulnerability scan definitions and VPM paten agent updates are always included as part of the update. 

• if your site requires the use of a proxy, configure proxy information under Options -> Vulnerability and Patch 
Management -> Settings 

• The first acquisition that is run can take a few hours. Subsequent acquisitions will get updates only, and will be much 
quicker. 




3. Select the appropriate operating system platforms and platform-related applications, and click 
Next. 

4. Select the appropriate languages for the required patches, and click Next. 

F EB5EBSB 



Acquire Vulnerability and Patch Updates 

Description: Acquire vulnerability and patch updates. 

Step 3: Select the languages of the required patches 



Pi Languages 

W English 
V French 



V German 



r Italian 
V Spanish 



-jnjxj 



< Prev I Next > 



5. Enter the appropriate destination path for downloaded files, and click Next. The destination can 
be either a local or shared directory. 



IMPORTANT: The designated directory must be accessible. 
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1 £ VPM Acquisition Utility 




-ln| x| 


Acquire Vulnerability and Patch Updates 

Description: Acquire vulnerability and patch updates. 




? 


Step 4: Enter destination path for download files 






Destination Path: | c: \VPM\Data 


Browse ... | 












< Prev | 


Next > | 









6. If you use a proxy, select the I use a proxy checkbox, and enter the appropriate configuration 
information. 

7. If your proxy requires authentication, select the My proxy requires authentication checkbox, and 
enter the appropriate user credentials. Only basic (not encrypted) authentication is supported. 

8. Click Next. 



1 & VPM Acquisition Utility 


_|n| x| 


Acquire Vulnerability and Patch Updates 

Description: Acquire vulnerability and patch updates. 






Step 5: Proxy settings 




Do you use a proxy to connect to the internet? If you are not certain or if you do not know your proxy settings, contact 
your Network Administrator 






F 1 use a proxy 






Host Name: |proxy.hostnarne.com 
Port Number: [ToTo 






W My proxy requires authentication 






User Name: (username 






< Prev | Next > | 









9. Click Run Now to run the patch acquisition. 
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£ VPM Acquisition Utility 



Acquire Vulnerability and Patch Updates 

Description: Acquire vulnerability and patch updates. 

Step 6: Acquisition 

Acquisition Settings: 

Update Sources: Microsoft patches 

Operating Systems: Windows Server 2003, Standard Edition, Windows Server 2003, Enterprise Edition, Windows Server 
2003, Web Edition, Windows 2000 Server, Windows 2000 Advanced Server 

Languages: English 

Download Destination Path: c:\VPM\Data 
Proxy Settings: 



Hostname 


Port 


Authentication 


Username 


Password 


proxy.hostname.com 


1010 


YES 


username 





< Prev | Run Now 



The vulnerability and patch acquisition begins. Progress of the acquisition can be monitored at 
C:\Program Files\HP\VPM Acquisition Utility\logs\patch-acquire.log. Clear the Enable auto-scroll 
checkbox to allow manual scrolling during the acquisition. 



VPM Acquisition Utility 



I Acquisition Log 

| Description: Logs for current acquisition 



MfflEa 



usZunschx4i.exe -timeout 3000000 queryoffset □ -channel file3b2be70 totalsize □ - 
validate 0 -queryprogress {} -headers { If-Hodif ied-Since {Fri, 19 Nov 1999 04: 00:40 
GHT}} after after#80000 -blocksize 4096 coding {} status ok body {} currentsize 0 met 
{Via {1.1 INECCE-PXY04} Date {Fri, 04 Mar 2005 20:57:16 GHT} Last-Modified {Fri, 19 
Nov 1999 04:00:40 GHT} Accept-Ranges bytes ETag { "4 6e7b 6a442 3 2bf 1 : 803 7 " } Server 
Hicrosof t-IIS/ 6 . 0 X-Powered-By ASP.NET} -type applicat ion/x-www-f orm-ur lencoded 
20050304 14:57:16 Info: HTTP file 

http : //download. microsoft . com/ download/ iis40/patch/4 . 2 . 732 . l/nt4/en-us/unschx4i . exe 
20050304 14:57:16 Info: Done processing bulletin HS99-061 

Number of files downloaded successfully 0 unchanged 1 number 



"3 



20050304 14:57:16 Info 
of errors 0 

20050304 14:57:16 Info 
20050304 14:57:16 Info 



Found 424 bulletins 
Process finished 



W Enable auto-scroll 



NOTE: The Acquisition Log is provided only to ensure that the acquisition is progressing. Disregard 
various messages that appear on the log screen. 

NOTE: The acquisition process might appear to hang for a few moments while downloading large 
files. 



10. Click Done when the acquisition process is complete. 
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g VPM Acquisition Utility 



Jg|x| 



Acquire Vulnerability and Patch Updates 

Description: Acquire vulnerability and patch updates. 
Step 7: Acquisition completed. 

Acquisition of VPM updates has started. Acquisition details can be found at C:\Program Files\HP\VPM Acquisition 
Utility\acquire-loq.log 

VPM important instructions: 

1. On the VPM server, create a directory named data under C:\P ro g ra m F i I es\H P \VP M\Ra d i a\l nte g rati o n S e rve r . 
You may use a network share, if the VPM server has read access to the share. 

2. Copy downloaded files from the VPM Acquisition Utility server destination directory to the VPM server data 
directory. 

3. From HP SIM, configure your import settings under Options -> Vulnerability and Patch Management -> 
Settings. 

4. Start the import from Options -> Vulnerability and Patch Management -> Acquire Updates. 



Done 



11. On the VPM server, create a directory named "data" at C:\Program 
Files\HP\VPM\Radia\lntegration Server. You can use a network share if the VPM server has 
read access to the share. 

12. Copy downloaded files from the VPM Acquisition Utility server destination directory to the VPM 
server data directory. 

13. From HP SIM, configure your import setting by selecting Options>Vulnerability and Patch 
Management>Settings. 

14. Start the import process by selecting Options>Vulnerability and Patch Management>Acquire 
Updates. 
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Licensing 



This section provides information about licensing systems for use with Vulnerability and Patch 
Management Pack. 



NOTE: The VPM Patch Agent is automatically deployed when systems are licensed to allow patches 
to be applied to the systems. VPM Patch Agent updates might be acquired as part of the normal 
acquisition process. Agents installed on target systems are automatically updated the next time 
patches are applied or validated. 



NOTE: A system licensed with a time-limited license key is considered an unlicensed system when 
the license key expires and will no longer be included in scheduled VPM tasks, such as vulnerability 
scans. The license status of the system appears as "Demo key expired." 

Licensing within Vulnerability and Patch 
Management Pack 

Licenses can be added and applied within Vulnerability and Patch Management Pack as a distinct 
step whenever a licensed operation, such as a vulnerability scan or patch deployment, is initiated and 
one or more target systems selected for the operation is unlicensed or licensed with a time-limited 
license. You are prompted to license these systems to successfully complete the requested action. 

The number of available licenses and the number of selected target systems not licensed or licensed 
with a time-limited license appear. To apply licenses to these target systems: 

1. If licenses are available, select any unlicensed system in the list to license, not exceeding the 
number of available licenses, and click Apply License. Licenses are automatically applied to the 
appropriate systems. 

lUf IMPORTANT: If systems listed as Unknown or Unmanaged in HP SIM are selected for licensing, a 
server license is assumed and automatically applied. HP recommends modifying the HP SIM settings 
to properly identify systems before licensing. 



(1^ IMPORTANT: Any unlicensed systems not licensed at this time will not be included in the task. 



NOTE: The Apply License button is only enabled if sufficient licenses are available to license the 
selected systems. 



2. If you have additional licenses, click Add Key to enter one or more new key strings, which can 
be cut and pasted as one string into any one of the subfields, and click OK. 
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HP Systems Insight Manager 



Tools ▼ Deploy T Configure ▼ Diagno 



Tasks & Logs ^ Options ▼ Help ' Debug ▼ 



Updated: Wed, 1 1 ,'30,Q005, 1 :1 9:32 PM CST 
3 10 0 3 Uncleared Event Status 




Scan for Vulnerabilities 

Licensed Nodes: VPM1 

Some of the selected target systems are unlicensed or licensed with demo keys. Unlicensed systems cannot be included. 

If there are more unlicensed systems than licenses available and you have one or more keys providing additional licenses for this product, 
use Hiiii Key to add these leys 



System Overview 



\B All Systems 
2 All Events 



Systems 

B Private 

O Shared 

Events 

B Private 

B Shared 

_l Events l>y Severity 
_l Login Events 



UPMSeivei Licenses Available: 2 


UPM Client Licenses Available: 5 




Licensed Systems: 3 


pj System Name Status 


Operating System 


Type 


Model 1 


□ VPM2 Mot licensed 


Microsoft(R) V\'lridovvs(R) Server 2003, Enterprise Edition 


Server 


ProLiant DL360 G3 


□ VPM3 Mot licensed 


Microsoft(R) Windows(R) Server 


Server 


ProLiant DL360 G3 


<l 


















< Previous ^ Add Key... | 







Add Key- 
specify a hey string: 



3. Click Next to continue the task. 



NOTE: Selected target systems not yet licensed or licensed using a time-limited license appear in the 
systems list on the license validation page. This page reappears, displaying the updated licensing 
status, each time a license is added or applied to a system. Time-limited licenses can be changed to 
permanent licenses at this time by selecting the node and applying a permanent license. When all 
selected target systems are licensed, the process moves to the next step of the selected operation. If 
all target systems initially selected for the task are licensed with permanent licenses, the license 
validation page does not appear. 

Licensing using the HP SIM License Manager 

The HP SIM License Manager can be used to manage licenses. All license keys seen by the License 
Manager appear when the function starts, as well as the key details and summary status. Select any 
key and a new table appears. Systems assigned to that key, details about the system, and the status 
of the key on that system appear. 

Adding licenses 

The HP SIM License Manager can be used to add Vulnerability and Patch Management Pack licenses 
to the licensing database. 

1. Select Deploy>License Manager>Manage Keys. 

2. Click Add Key to enter one or more new key strings, which can be cut and pasted as one string 
into any of the subfields. 

3. Click Open. 
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Manage Keys 

Tool to view contents and add keys to the ProLiant E- 





Product ^ 




I SeatB Mhx 


Seats Used 


I Days Mhx 


I Key String 


o 


Server Migration Pack 


1 Flexible Quantity 


5 


0 




333VV4-72G2Z-MH4B4-67XVJ-Z57H3 


o 


Virtual Machine Management 


1 Demo (seats and time) 


5 


0 


60 


32RGW-DSBZH-NR44D-7KQPC-DMW37 


o 


VPM 


1 Flexible Quantity 


5 


3 




35GVM-HD5XM-5WX2M-324CJ-W5N2N 


o 


VPM Client 


Flexible Quantity 


5 


0 




32RCS-SVV6Y-B28JW-KZYKX-47RSH 



Add Key... 



Specify a hey string: ZH-|H | - | ~| - | | - | 



NOTE: Vulnerability and Patch Management Pack does not support the HP SIM License Manager 
Add Key from File feature. 

NOTE: If the license key is not valid or is a duplicate of a key already existing in the database, an 
error message appears, and the license key is not added to the database. 



Applying licenses to selected systems 



To apply licenses to target systems: 

1 . Select Deploy>License Manager>Deploy Keys. 

2. Select the target systems to license either by selecting a group from the dropdown list or by 
selecting the checkbox next to individual systems. 

3. Click Apply. 
Deploy Keys 

Select ProLiant Essentials license keys to deploy. 

Step 1: Select Target Systems 



No targets currently selected 



Add targets \>y selecting from: 




All Systems 



□ Select "All Systems" itself 

Summary: O 2 Critical W 0 Major ! 0 Minor U 3 Normal 0 Disabled O 0 Unknown Total: 5 



H5 MP 5W VPM VM System Ne 



-f System Type System Address 



0 


© 


a 


) ® 


16.1 27.37.243 


Unmanaged 


16.127.37.243 






□ 


o 


® a 


) © 


cuiaba 


Server 


192.168.121 .1 


ProLiant DL360 G3 


Microsoft(R) WlndowsfR... 


□ 


© 




® 


cuiaba_2k3_02 


Unmanaged 


16.127.37.185 






□ 


© 


® a 


) © 


hp-oi70ma4svv9q 


Server 


16.127.38.53 


VMware Virtual Platfor... 


Microsoft(R) Wlndows(R... 


□ 


o 


® a 


■) © 


olinda 


Server 


16.127.38.11 


ProLiant DL360 G3 


Microsoft(R) Wlndows(R... 



4. Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets if it 

is necessary to reselect target systems, and click Next. 
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Deploy Keys 

Select ProLiant Essentials license keys to deploy. 

Step 1: Verify Target Systems 




g | Name 


| OS | Type 


Tool 


■unch OK? + 


□ 16.127.37.243 Unmanaged 


Yes 



5. Select the appropriate Vulnerability and Patch Management Pack license key to apply to the 
selected systems. 

6. Click Run Now. 
Deploy Keys 

Target: 16.127.37.243 



Step 2: Select keys to deploy. 




p 


I Product 


IB 




I Seats Max 


I Seats Used 


I Days Max 


Key String 


□ 


Virtual_Machine_Management 


1 


Demo_(seats_and_time) 


5 


0 


60 


32RGW-DSBZH-NR44D-7KQPC-DMW37 




VPM 


1 


Flexible Quantity 


5 






35GVM-HD5XM-5WX2M-324CJ-W5N2N 


□ 


Server Migration Pack 


1 


Flexible_Quantity 


5 


0 




333W4-72G2Z-MH4B4-67XVJ-Z57H3 


□ 


VPM Client 




Flexible Quantity 


5 


0 




32RCS-SVV6Y-B28JW-KZYKX-47R5H 



Licensing 



Vulnerability scanning 



This section provides an overview of setting up and using the Vulnerability and Patch Management 
Pack scanning functionality. 

Vulnerability scanning is powered by technology from the Patchlink Corporation's STAT Scanner. 
Patchlink Corporation is an international communications equipment company focused on providing 
mission-critical assured communications for commercial and government customers. 

Patchlink Corporation's STAT network security solutions are backed by decades of expertise in 
information security. STAT vulnerability management products provide proactive protection of 
information and computer networks from hackers, viruses, worms, and other threats. 

Provided scan definitions 

Vulnerability and Patch Management Pack provides a large variety of scan definitions. These scans 
can be used to search for vulnerabilities or modified to suit the specific needs of your environment. 
For specific information about the provided scan definitions, see the "Vulnerability and Patch 
Management Pack provided scan definitions" section. 

To use the provided scan definitions, see the instructions in the "Scanning for vulnerabilities" section. 



Scanning for vulnerabilities 



To perform a vulnerability scan: 

1. Select Diagnose>Vulnerability and Patch Management>Scan>Scan for Vulnerabilities. 

2. Select the target systems to scan either by selecting a group from the dropdown list or by 
selecting the checkbox next to individual systems. 

3. Click Apply. 



I&3 HP Systems Insight Manager 



User: administrator 
Home | Sign Out 



System Status 


B 


Legend... 


Customize... 


Updated: Wed, 1 1 /30/2005, 2:40:05 PM CST 


©▼ AO 




3 10 0 35 Uncleared Event Status 


Search 


B 


1 Search 


Advanced Search... 






ma 


Customize... 


System Overview 


■* All Systems 




■* All Events 






Scan for Vulnerabilities 

Start a scan to check for known vulnerabilities. 

Step 1: Select Target Systems 

No targets currently selected 



Add tai gets l>y selecting fiom: 



All Systems 



Systems 

□ Private 
Q Shared 

3 Events 

□ Private 

□ shared 

_l Events by Severity 
_J Login Events 



□ Select "All Systems" itself 

Summary: © 2 Critical ! 0 Major ! 0 Minor © 3 Normal S 0 Disabled © 0 Unknown Total: 5 



HE MP SW tf PM If M System Name ^ System Type System Address Product Name 05 Hum 



0 o © o 

0 o ® ® o 

mo o 

□ © ® ® © 



VPM1 
VPM2 
VPM3 

hp~oi70ms4svv9q 



Server 
Server 
Server 
Server 



16.1 27.37.243 
192.163.121 .1 
16.127.37.185 
16.1 27.38.53 



ProLiant DL360 G3 
ProLiant DL360 G3 
ProLiant DL360 G3 



Microsol 
Microsol 
Microsol 



'v'Mware Virtual Platfor. . Microsol 



|v| W 



Vulnerability scanning 49 



Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets if it 

is necessary to reselect target systems, and click Next. 

T 



%!>p\ HP Systems Insight Manager 



Status B 



User: administrator 
Home | Sign Out 



Legend.. 



Customize... 
Updated: Wed, 11/30/2005, 2:54:06 PM CST 
©▼ A © 

3 1 0 Uncleared Event Status 




13 All Systems 
2 All Events 



▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug ▼ 



Scan for Vulnerabilities 

Start a scan to check for known vulnerabilities. 

Step 1: Verify Target Systems 









Type 


Tool liunch OK? ^ 




VPM1 


Microsoft(R) Wlndows(R) Server 


Server 


Yes 


□ 


VPM2 


Microsoft(R) WlndowsfR) Server 2003, Enterpris 


Server 


Yes 


□ 


VPM3 


Microsoft(R) Wlndows(R) Server 


Server 


Yes 



Add Targets I iisintwe Turysii 



5. If any selected systems are unlicensed or licensed with a time-limited license, permanent licenses 
can be applied at this time. If licenses are available, select any unlicensed system in the list, and 
click Apply License. To add licenses using a key string, click Add Key, enter the key string in the 
field, and click OK. 



IMPORTANT: If systems listed as Unknown or Unmanaged in HP SIM are selected for licensing, a 
server license is assumed and automatically applied. HP recommends modifying the HP SIM settings 
to properly identify systems before licensing. 

IMPORTANT: Any unlicensed systems not licensed at this time will not be included in the 
vulnerability scan. 

NOTE: If all target systems initially selected for the task are licensed with permanent licenses, the 
license validation page does not appear. 



Click Next. 



HP Systems Insight Manager 



B| Tools ▼ Deploy ▼ Configure ▼ Diag 



User: administrator 
Home I Sign Out 



Legend... 



: sic fee 



Updated: Wed, 1 1 ,'30/2005, 1:19:32 PM CST 

OTA© 

3 10 0 35 Uncleared Event Status 




H All Systems 
I All Events 



■ Systems 
B Private 
D Shared 
3 Events 
9 Private 
B Shared 

_l Events by Severity 
_l Login Event* 



Scan for Vulnerabilities 

Licensed Nodes VPM1 

Some of the selected target systems are unlicensed or licensed with demo keys. Unlicensed systems cannot be included. 

If there are more unlicensed systems than licenses available and you have one or more keys providing additional licenses for this product, 
use A eld K ey to add these key s . 



UPMOeivei Licenses Available: 2 


UPH Client Licenses Av<iiM>le: 5 




Licensed Systems: 1 


g System Name 


Status 


Operating System 


Type 


Model 


□ VPM2 


Not licensed 


Microsoft(R) Windows(R) Server 2003, Enterprise Edition 


Server 


ProLiant DL360 G3 


□ VPM3 


Not licensed 


Microsoft(R) ''A'lndows(R) Server 


Server 


ProLiant DL360 G3 






Mil 




E 



Add Key... I A W \j L 



Add Key... 

Specify a hey string: 



7. Enter a name for the vulnerability scan, and select a scan definition from the dropdown list. 

8. To run the vulnerability scan immediately, click Run Now. To schedule the scan to run at a later 
time, select Schedule. 
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NOTE: Scans are run one system at a time in a serial process from the VPM server. 



G51 HP Systems Insight Manager 




User: administrator 
Home I Sign Out 



System Status 


B 


Legend... 


Customize... 


Updated: Wed, 1 1 /30/2005, 3:21 :37 PM CST 


©▼ A © 




3 10 0 3£ Uncleared Event Status 


Search 


B| 




Advanced Search... 




BIB 


Customize... 


System Overview 


EJ All Systems 




i All Events 




J Systems 


1 


9 Private 




D Shared 




_lEueiits 







| Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debugs 



Scan for Vulnerabilities 

Targets: VPM1,VPM2,VPM3 

Step 3: Enter scan name and choose a vulnerability scan definition 



Vulnei ability Scan I lame: 
Vulnerability Scan Definition: 




2005-1 1 -30 J 9-21 _ VPMJ 



CrossF'latform - Default scan 



■ This scan may take a significant amount of time based on the available network bandwidth, the number of 
systems selected and the number of vulnerabilities in the scan definition 



Review 5can vulnerabilities I Schedule 



If scheduling the vulnerability scan: 

a. Enter an appropriate name for the scan task, or accept the default name. 

b. To schedule the vulnerability scan to run on a regular basis, select Periodically, or to run the 
scan one time, select Once. 

c. Designate a time and date to run the scan task, and click Done. 



fffll HP Systems Insight Manager 



User: administrator 
Home I Sign Out 



Customize... 



Updated: Wed, 11/30/2005, 3:27:08 PM CST 

OT AO 

3 10 0 35 Uncleared Event Status 



Deploy ▼ Configure ▼ 



Scan for Vulnerabilities 

Targets: VPM1.VPM2.VPM3 



Step 4: Schedule Task 




Task name: Scan for Vulnerabilities 1 



When would you like this t ash to run? 

0 Periodically 
Q Once 

Mot scheduled 



In addition: 

| | Run now 




Disable this task 



10. View scan results after the task completes either by clicking the system status icon or viewing the 
VPM Events list. 



ewing, modifying, or canceling a scheduled task 

To view, modify, or cancel a task that has been previously scheduled: 

1 . Select Tasks & Logs>View All Scheduled Tasks. 

2. Select the appropriate task from the list, and click Edit. 
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E5I HP Systems Insight Manager 



System Status B| Tools ▼ Deploy -*- Configure ▼ Diagnose ▼ Reports ▼ Tasks & Log; 



Legend... Customize... 
Updated: Wed, 1 1 ttO/2005, 3:32:38 PM CST 
OTA© 

3 10 0 35 Uncleared Event Status 



All Scheduled Tasks 

View, maintain and control scheduled tasks 




▼ Help ▼ Debug ▼ 




EJ All Systems 
a All Events 



■ Systems 

B Private 

Q Shared 
3 Events 

B Private 
Shai e<l 

_l Events l)y Severity 
_l Login Events 



I:lick a 


row to select and view task results 










Total: 1 0 




Name 




Tool 


Last Run 


Schedule 




O 


Bi Weekly Data Collection 




Data Collection 


1 1 csyos 


- 8:00 PM 


Periodic - Nexl 




O 


Daily Device Identification 




Identify Systems 


1 1 /30A]5 


-12:05 PM 


Periodic - Nexl 




o 


Hardware Status Polling for non Servers 




Hardware Status Polling 


1 1 ttoyos 


- 3:29 PM 


Periodic - Nexl 




o 


Hardware Status Polling for Servers 




Hardware Status Polling 


1 1 ttoyos 


- 3:29 PM 


Periodic - Nexl 




o 


Hardware Status Polling for Systems no Longer Disabled 




Hardware Status Polling 


Never 




System/Event 




o 


Initial Data Collection 




Data Collection 


1 1 /29y05 


-12:05 PM 


System/Event 




o 


Initial Hardware Status Polling 




Hardware Status Polling 


11/16/05 


- 2:07 PM 


System/Event 




o 


Software Version Status Polling 




Software Status Polling 


1 1 /23/D5 


- 8:00 PM 


Periodic - Nexl 




o 


Software Version Status Polling for Systems no Longer Disabled 


Software Status Polling 


Never 




System/Event 




© 


VPM Patch Agentl 




VPM Patch Agent 


1 1 /me - 


5:12 AM 


Not scheduled 





a: 



0 



Hun Now 1 Edit 1 Delete 



Modify the event details. 

a. If necessary, change target systems on which the task is scheduled to run by clicking either 
Add Targets or Remove Targets. Click Next. 



El HP Systems Insight Manager 



B| Tools 1 *' Deploy -*- Configure-*' Diagnose-*- Reports-*- Tasks &, Logs ▼ Options-*- Help-*- Debug- 



T 



User: administrator 
Home | Sign Out 



EE 



Legend - Customize " Deploy VPM Patch Agent 

Updated: Wed, 1 1 tfO/2005, 3:39:08 PM CST Dep | oy tne VPM patcn agentto se , ected systems . 

3 10 o 35 Uncleared Event status Step 1: Verify Target Systems 









OS 


I Type 


I Tool launch OK? + 1 


w 


VPM1 


MicrosoftCR) Winclows(R) Server 


Server 


Yes 



b. View the task schedule, and modify if necessary. Click Done. 
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HP Systems Insight Manager 



B| Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug ▼ 



Legend... Customize... 
Updated: Wed, 1 1 130/2005, 3:43:08 PM CST 
OTA© 

3 10 0 35 Uncleared Event Status 



Deploy VPM Patch Agent 

Target: VPM1 

Step 2: Schedule Task 




H All Systems 
I All Events 



Systems. 
Pi ivate 

D Shared 
3 Events 

B Private 

□ shared 

_l Events by Severity 
_ll_oyin Events 



- 



Tvisk name: VPM Patch Agent 1 



0*nei of T.»sk: Administrator 



When would yon like this task to run? 

Q Periodically 
Q: Once 

Not scheduled 



In addition: 

I | Run now 



Refine schedule: 



□ Disable this task 




Viewing vulnerability scan results 



The Vulnerability and Patch Management Pack scan results can be viewed either for a specified 
vulnerability scan or for an individual system. When a vulnerability scan is run for a group of target 
systems, results are generated for the group as well as for each individual system. Vulnerability scan 
results can be viewed as .pdf files in the following formats: 

• Executive Summary— A high-level summary of all vulnerabilities found in a scan 

• Detailed Listing— A list of vulnerabilities found on each system, as well as a description and risk 
evaluation of each 

• Simple Listing— A list of vulnerabilities found on each system sorted by vulnerability name 

• Scan Summary— A list of scans performed and vulnerabilities found, sorted by system name 

• Ports and Services— A list of ports, services, and unknown services, sorted by system name 



Vulnerability scan results guidelines 



• Vulnerability scan results cannot be viewed or deleted while status displays Scanning or 
Pending. Vulnerability scan results for an aborted scan might not be accurate. 

• If the vulnerability scan results display the message, No file access, verify that the WBEM 
settings in HP SIM have appropriate credentials listed for the target systems. For additional 
information, see the "Post-installation configuration" section. 

• Scan results can also be accessed from the links in the completed scan event in HP SIM. 

• Vulnerabilities listed are the total vulnerabilities found in the group of systems scanned. 
Individual systems in the group might not have every vulnerability listed. 

Viewing vulnerability scan results by scan name 

1 . Select Diagnose>Vulnerability and Patch Management>Scan>View Results by Scan Name. 

2. Select the appropriate vulnerability scan, select the format in which to view the results from the 
dropdown list, and click View. The vulnerability scan results appear in a separate window. 
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GeJ HP Systems Insight Manager 



" status BJ Tools ▼ Deploy ▼ Conifigun 



View Vulnerability Scan Results 

View or delete vulnerability scan results. 



View Vulnerability Scan Results: 



Updated: Fri, 12/2/2005, 9:26:32 AM CST 
4 10 0 4 Uncleared Event Status 




System Overview 



0 All Systems 
2 All Events 



■ Systems 
_l Priuate 



D Systems by Type 

_l Systems by Status 

Q Systems by Operating Syste 

D Clusters by Type 

Q Clusters by Status 

D System Functions 
1 Events 
B Priuate 
□ shared 

_l Events by Severity 

D Login Events 






1 Scan Name 


I Status 






2005-1 1 -24_1 8-24_VPM_1 _6750 


completed 




o 


2005-1 1 -1 8_1 1 -02_VPM_1 _401 1 


completed 






2005-1 1 -1 1 J 7-09_VPM_1 ultimovulupdatej 066 


completed 






2005-1 1 -1 1 J 3-28_VPM_1 _989 


completed 




~o 


2005-1 1 -09_09-1 7_VPM_CUIABA_225 


completed 





— View results as: (Executive Summary 



■ Vulnerabilities found can be patched or fixed by going to Deploy -> Vulnerability and Patch Management -> I 
Based on a Scan 

■ To modify the vulnerabilities checked for in a scan, create a custom wine/ability scan definition b\y going to 
Vulnerability and Patch Management -> Scan -> Customize Scan. 



Viewing scan results by system 

1. Select Diagnose>Vulnerability and Patch Management>Scan>View Results by System. 

2. Select the checkbox next to the individual system for which to view scan results, and click Apply. 

"T" 




ESI HP Systems Insight Manager 



: : . 



Updated: Fri, 1 2/2C005, 9:31 :33 AM CST 

©▼A © 

Uncleared Event Status 




View Vulnerability Scan Results 

View or delete vulnerability scan results tor a single system. 

Step 1: Select Target Systems 

No targets currently selected 



System Overview 



Add targets by selecting from: 




El All Systems 
i All Events 



■ Systems 
_l Priuate 
B Shared 

Q Systems by Type 

Q Systems by Status 

D Systems by Operating Syste 

Q Clusters by Type 

Q Clusters by Status 

_l System Functions 
I Events 



] 



t| Note: Tnis tool only accepts individual systems. 



Summary: ©3 Critical 


'■ 0 Major 


i 0 Minor O 2 Normal Do Disabled 


©0 Unknown 


Total: 5 






^ | HS MP SW 


VPM | VM 


System Name *f | System Type 


System Addre 


ss | Product Name 


| OS Name 


_ 


SI v ® 




VPM1 Server 


16.127.37.243 


ProLiant DL360 G3 


Microsoft(R) Wind 




□ © ® ® 


© 


VPM2 Server 


192.168.1 21 .1 


ProLiant DL360 G3 


Microsoft(R) Wind 




r o 


© 


VPM3 Server 


16.127.37.1 85 


ProLiant DL360 G3 


Microsoft(R) Wind 




r o ® ® 


O 


hp-oi70ma4svv9q Server 


16.127.38.53 


VMware Virtual Flatter. . 


Microsoft(R) Wind j 

1 _iT 


<T ~ ~ ~ 











Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, if 

necessary to reselect target systems, and click Next. 
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HP Systems Insight Manager 



Updated: Fri, 12/2/2005, 9:43:02 AM CST 

©▼ A © 

4 10 0 4 Uncleared Event Status 





View Vulnerability Scan Results 

View or delete vulnerability scan results lor a single system. 

I Step 1: Verify Target Systems 





I 05 


Type 


I Tool launch OK? ^ I 


VPM1 


MicrosoftfR.) WindowsfFO Server 


Server 


Yes 



System Overview 



0AII Systems 
i All Events 



4. Results for all scans performed on the selected system appear. Select the scan results to view, 
and click View. 



HP Systems Insight Manager 



T 



User: administrator 
Home I Sign Out 



▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ 



Updated: Fri, 12/2/2005, 9:51:02 AM CST 

OTA© 

3 1 0 0 43 Uncleared Event Status 



View Vulnerability Scan Results 

Target: VPM1 

Step 2: View Vulnerability Scan Results 



1 







I Scan Name 


I Status 1 


Advanced Search... 




2005-1 1 -24 J 8-24_VPM_1 _6750 


completed 



View results as: Executive Summary 



0 All Systems 

1 All Events 



■ Systems 
_l Private 



1 Systems by Type 
1 Systems by Status 
I Systems by Operating Syst> 
1 Clusters by Type 
I Clusters by Status 
I System Functions 



J 



■ Vulnerabilities found can be patched or fixed by going to Deploy -> Vulnerability and Patch Management -> Patch-Fix 
Based on a Scan 

■ To modify the vulnerabilities checked for in a scan, create a custom vulnerability scan definition by going to Diagnose -> 
Vulnerability and Patch Management -> Scan -> Customize Scan. 



Customizing vulnerability scan definitions 

NOTE: Custom scans can be created from the default system scans. When default system scans are 
updated, the custom scans are updated with corresponding vulnerability updates also. 

To customize the provided vulnerability scans or previously created custom vulnerability scans: 

1 . Select Diagnose> Vulnerability and Patch Management>Scan>Customize Scan. 

2. Select a default system scan or a previously created vulnerability custom scan to modify, and 
click Edit. A list of vulnerabilities appears. Clicking the entry in either the Vulnerability ID or 
Advisory column displays additional information about the vulnerability. 
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_ '_ 111 



B3 HP Systems Insight Manager 



i Status Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs 



Customize Vulnerability Scan Definitions 

Create and manage customized vulnerability scan definitions. 



Step 1: Vulnerability Scan Definitions 

Displaying Page 2 (results 1 1 -20 of 22) 1 | 2 | 3 



Updated: Fri, 12/2/2005, 9:56:32 AM CST 
©▼ A © 

3 1 0 0 43 Uncleared Event Status 





System Overview 



0 All Systems 

1 All Events 



■ Systems 
_l Private 



D Systems by Type 

_l Systems by Status 

_l Systems by Operating System 

D Clusters by Type 

D Clusters by Status 

_l System Functions 
Events 
_l Private 
□ Shared 

D Events by Severity 

D Login Events 

_l Service Events 

J VPM Events 





I Name 


I Description 


I Created by 


o 


IIS 


IIS vulnerabilities 


System 


~o 


IE 


Internet Explorer vulnerabilities 


System 


o 


FileChecks 


Known and unknown locations file checks 


System 


o 


FileCheck_KnownLocstion 


Known location file checks 


System 


o 


FedCIRC 


FedCIRC vulnerabilities 


System 


wm 


CrossPlatform 


Default scan 


System 


o 


CVE 


CVE vulnerabilities 


System 


o 


CIAC 


CIAC vulnerabilities 


System 


o 


C2 


C2 Orange Book policy checks 


System 


o 


AutoFix 


Autofixable vulnerabilities 


System 



■ Note: HP has provided the following pre-deterrnined scan definitions. You can modify these definitions to suit your 
specific environment end save them as new customized scan definitions. 




3. Select one or more vulnerabilities to include in the custom scan definition. 

4. Enter a name and description for the new customized vulnerability scan, and click Save. 



IMPORTANT: The customized vulnerability scan must be renamed. The Vulnerability and Patch 
Management Pack default system scans cannot be modified and saved using the original 
scan name. 



ESI HP Systems Insight Manager 



Updated: Fri, 12/2/2005, 10:03:33 AM CST 

OTA© 

3 1 0 0 43 Uncleared Event Status 



Customize Vulnerability Scan Definitions 

Create and manage customized vulnerability scan definitions. 




eports ▼ Tasks & Log; 




Choose vulnerabilities to include in your custom scan definition: 

Page 1 (results 1-1 Oof 1796) 1|2|3|4|5|6|7|8|9|10 Next » 



System Overview 



0 All Systems 

1 All Events 



■ Systems 
_l Private 



D Systems by Type 

_l Systems by Status 

_l Systems by Operating System 

D Clusters by Type 

D Clusters by Status 

D System Functions 
I Events 
_l Private 
□ Shared 

D Events by Severity 

D Login Events 

_l Service Events 

J VPM Events 



Custom Vulnerability Scan Definition Name: 
Custom Vulnerability Scan Definition Description: 



Copy of CrossPlatform 



|Default scan 



h$AJiftiS 



1 



Bl 


Risk 






I Advisory 


w 


Medium 


U0163 


Xchat - /dns Query Resolution Flaw 


RHSA-2002-097 




High 


U0171 


Secureweb 3.2 - Chunked Encoding 


RHSA-2002-117 


F 


Medium 


U0172 


Mailman - Cross Site Scripting 


RHSA-2002-101 


W 


High 


U0181 


Util-linux - chfn File Lock Race 


RHSA-2002-132 


W 


High 


U0183 


OpenSSL - Handshaking 


RHSA-2002-155 


& 


High 


U0186 


MM - Symlink Attack 


RHSA-2002-156 


w 


Medium 


U0214 


PXE Server - DHCP Packet Mishandling 


RHSA-2002-165 


F 


Medium 


L0259 


Fetchmail - Header Parsing 


RHSA-2002-293 


w 


Medium 


U0277 


PAM_Xauth - Authorization Disclosure 


RHSA-2003-035 


w 


Low 


L0281 


OpenSSL - Timing Attacks 


RHSA-2003-101 



To use a customized vulnerability scan to perform scanning, see the instructions in the "Scanning for 
vulnerabilities" section. 
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Deleting a customized vulnerability scan 



NOTE: Only custom vulnerability scans can be deleted. Default system scans provided with 
Vulnerability and Patch Management Pack cannot be deleted. 

To delete a custom vulnerability scan: 

1 . Select Diagnose> Vulnerability and Patch Management>Scan>Customize Scan. 

2. Select the custom vulnerability scan to delete, and click Delete. 



HP Systems Insight Manager 



! : 



Updated: Fri, 12/2/2005, 10:12:03 AM CST 

OTA© 

3 10 0 C Uncleared Event Status 



Customize Vulnerability Scan Definitions 

Create and manage customized vulnerability scan definitions. 



■ Systems 
_l Private 
□ Shared 

D Systems by Type 

D Systems by Status 

_l Systems by Operating System 

D Clusters by Type 

D Clusters by Status 

_l System Functions 
B Events 
J Private 



1 Events by Severity 
1 Login Events 
1 Service Events 
I VPM Events 



Help ▼ Debug ^ 




Step 1: Vulnerability Scan Definitions 

Displaying Page 2 (results 1 1 -20 of 23) 1 | 2 ] 3 





Name 


| Description 


| Created by 


o 


IIS 


IIS vulnerabilities 


System 


o 


IE 


Internet Explorer vulnerabilities 


System 


o 


FileChecks 


Known and unknown locations file checks 


System 


o 


FileCheck_KnownLocation 


Known location file checks 


System 


o 


FedCIRC 


FedCIRC vulnerabilities 


System 




CustomScanl 


customscan 


User 


o 


CrossPlatform 


Default scan 


System 


o 


CVE 


CVE vulnerabilities 


System 


o 


CIAC 


CIAC vulnerabilities 


System 


o 


C2 


C2 Orange Book policy checks 


System 



Note HP has provided the following pre-determmed scan definitions. You can modify these definitions to suit your 
specific environment and save them as new customized scan definitions. 



3. Click OK when prompted to confirm the action. 



Microsoft Internet Ewp 




Deleting vulnerability scan results 

Vulnerability and Patch Management Pack scan results can be deleted either for a specified scan or 
for an individual system. Removing results will break the links to the results in the events and the 
system list. Run another scan to create new results for the system. 

Deleting scan results by scan name 

1 . Select Diagnose> Vulnerability and Patch Management>Scan>View Results by Scan Name. 
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2. Select the appropriate scan or scans, and click Delete. All results associated with the selected 
scan are deleted. 



B3 HP Systems Insight Manager 




Diagnose ▼ Reports ▼ Tasks & Logs 



Help » Debug ^ 



Updated: Fri, 12/2/2005, 9:26:32 AM CST 


OTAO 




4 1 0 0 42 Uncleared Event Status 


Search 






Search 1 


Advanced Search... 




Systems and Euents 


rasa 


Customize... 


System Overview 


0 All Systems 




i All Events 





■ Systems 
B Priuate 
□ Shared 

D Systems by Type 

_l Systems by Status 

D Systems by Operating Syste 

D Clusters by Type 

_l Clusters by Status 

Q System Functions 
1 Euents 
B Priuate 



■ Euents by Seuerrty 
3 Login Euents 



View Vulnerability Scan Results 

View or delete vulnerability scan results. 



View Vulnerability Scan Results: 





1 Scan Name 


I Status 








o 


2005-1 1 -1 8_1 1 -02_VPM_1 _401 1 


completed 


~o 


2005-1 1 -1 1 J 7-09_VPM_1 ultimovulupdatej 066 


completed 


~o 


2005-1 1 -1 1 J 3-28_VPM_1 _989 


completed 


~o 


2005-1 1 -09_09-1 7_VPM_CUIABA_225 


completed 



— view results as: [Executive Summary 



' Vulnerabilities found can be patched or fixed by going to Deploy -> Vulnerability and Patch Management -> Patch-Fix 
Based on a Scan 

■ To modify the vulnerabilities checked for in a scan, create a custom vulnerability scan definition by going to Diagnose -: 
Vulnerability and Patch Management -> Scan -> Customize Scan. 



iting scan results by system 

1 . Select Diagnose> Vulnerability and Patch Management>Scan>View Results by System. 

2. Select the individual system for which to delete results, and click Apply. 



ESI HP Systems Insight Manager 



User: administrator 
Home I Sign Out 



Updated: Fri, 1 2/2/2005, 9:31 :33 AM CST 

©▼A © 

Uncleared Event Status 




View Vulnerability Scan Results 

View or delete vulnerability scan results for a single system. 

Step 1: Select Target Systems 

No targets currently selected 




5y : : UVdP : ! .<V 



Add targets by selecting from: 



0AII Systems 
i All Events 



t| Note: Tnis tool only accepts individual systems. 



■ Systems 
B Priuate 
B Shared 

B Systems by Type 

_l Systems by Status 

B Systems by Operating Syste 

B Clusters by Type 

_l Clusters by Status 

_l System Functions 
I Euents 



Summary: ©3 Critical 


! 0 Major 


i 0 Minor O 2 Normal Do Disabled 


©0 Unknown 


Total: 5 




^ | HS | MP | SW 


VPM | VM 


System Name \ | System Type 


System Addre 


ss | Product Name 


| OS Name 


V o ® 


o 


VPM1 Server 


16.127.37.243 


ProLiant DL360 G3 


Microsoft(R) Wind_± 


□ © ® ® 


© 


VPM2 Server 


192.168.1 21 .1 


ProLiant DL360 G3 


Microsoft(R) Wind 


n © 


© 


VPM3 Server 


16.127.37.1 85 


ProLiant DL360 G3 


Microsoft(R) Wind 


r © ® ® 


© 


hp-oi70ma4svv9q Server 


16.127.38.53 


VMware Virtual Platfor.. 


Microsoft(R) Wind . 

i ►r 


<T " " " 











3. Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, i 

necessary to reselect target systems, and click Next. Results from all scans performed on the 
selected system appear. 
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HP Systems Insight Manager 




4. Select the scan results to delete, and click Delete. 



ESI HP Systems Insight Manager 



Updated: Fri, 12/2/2005, 9:51:02 AM CST 

OT&G 

3 1 0 0 43 Uncleared Event Status 



View Vulnerability Scan Results 

Target: VPM1 

Step 2: View Vulnerability Scan Results 




System Overview 



El All Systems 
i All Events 



■ Systems 
_l Private 



1 Systems by Type 
1 Systems by Status 
I Systems by Operating Syst> 
1 Clusters by Type 
I Clusters by Status 
I System Functions 



j 






| Scan Name 


| Status I 




2005-1 1 -24 J 8-24_VPM_1 _6750 


completed 



View results as: Executive Summary 



■ Vulnerabilities found can be patched or fixed by going to Deploy -> Vulnerability and Patch Management - 
Based on a Scan 

■ To modify the vulnerabilities checked for in a scan, create a custom vulnerability scan definition by going 
Vulnerability and Patch Management -> Scan -> Customize Scan. 



> Patch-Fix 
to Diagnose -: 



Vulnerability scanni 



Deploying patches and fixes 



This section provides an overview of using Vulnerability and Patch Management Pack to deploy 
patches and configuration fixes. 

Patches and configuration fixes can be deployed immediately or scheduled for deployment at a later 
time. Patches and fixes can be selected individually from the database for deployment to all systems 
or any combination of specified systems without performing a scan. Patches and fixes can also be 
deployed for all vulnerabilities identified in a particular scan. 

Patches come from the software vendor and can be updated to existing software, registry, or 
configuration settings or files. Configuration fixes resolve incorrect system settings that can leave the 
system open to security threats, such as open ports or services running that are not required. 



NOTE: Not all vulnerability issues found can be programmatically fixed or patched. Scan results 
often provide a suggested fix that must be manually performed. 



Important information about patches and fixes 

• Target systems are rebooted if required by the installed or removed patch, based on the reboot 
information obtained from the original patch source. Reboot information might occasionally 
inaccurately indicate whether a patch installation requires a reboot. 

• If multiple patches requiring reboots are applied, target systems are only rebooted once after all 
patches are applied. Required reboots can be deferred and performed later. HP recommends 
performing required reboots as soon as possible because the status of patched systems might be 
unstable when a required reboot is deferred. 

• To determine patch applicability, Vulnerability and Patch Management Pack might enhance 
patch detection criteria to be more precise than vendor information. These patches appear with 
an asterisk in the Patch Source column. HP does not modify the patch itself. 

• Risk and Vulnerability ID information might not appear because this information was not 
available at the time the patch was acquired. The information appears when the vulnerability 
database is updated to include this information. 

• By default, patches are sorted by the latest release date. Select a column heading to 
re-sort patches. 

• Target systems that are down at the time of a scheduled patch application are patched when the 
system is brought online. 

Deploying patches and fixes based on a 
vulnerability scan 

After a vulnerability scan has been performed and it is determined that security vulnerabilities or 
configuration errors exist, perform the steps in the following sections to deploy patches, configuration 
fixes, or both. 

Vulnerabilities that require manual fixes or vulnerabilities for which the patch has not been acquired 
are listed but not available for selection. 
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To deploy patches, configuration fixes, or both to systems based on a specific vulnerability scan: 

1. Select Deploy> Vulnerability and Patch Management>Patch-Fix Based on a Scan. 

2. Select the completed vulnerability scan, and click Next. 



EH HP Systems Insight Manager 



Legend - Cu5 * Deploy Patch-Fix Based on a Vulnerability Scan 

Updated: Fri, 1 2/2/2005, 1 0:32:33 t pgteh yulnerabKes found in a scan . 

3 10 o 44 uncleared Event sts step 1: Select a completed vulnerability scan 



Help ▼ Debug ▼ 



System Overview 



0AII Systems 
E All Events 

B Systems 
B Private 
J Shared 



o 


2005-1 1 -24_1 8-24_VPM_1 _6750 


completed 


K^bI 


2005-1 1 -1 8_1 1 -02_VPM_1 _401 1 


completed 


o 


2005-1 1 -1 1 _1 7-09_VPM_1 ultimovulupdatej 066 


completed 




2005-1 1 -1 1 J 3-28_VPM_1 _989 


completed 


o 


2005-1 1 -09_09-1 7_VPM_CUIABA_225 


completed 



Vulnerabilities appear for all systems included in the scan. All vulnerabilities listed might not be 
applicable for every system. Clicking the entry in the Vulnerability ID or Advisory column displays 
additional information about the vulnerability. The Requires Reboot column indicates if the patch 
requires the system to reboot after deployment. 

3. Select the vulnerabilities to patch or fix, and click Next. 



BH HP Systems Insight Manager 



Legend - Deploy Patch-Fix Based on a Vulnerability Scan 

Updated: Fri, 12/2/2005, 10:34:03 . patch vulnerafflies found in a scan . 
OTA© 

3 10 o 44 uncleared Event st; step 2: Select a vulnerability to patch 




Scan: 2005-1 1 -1 8 J 1 -02_VPM_1 _401 1 



Displaying Page 1 (resits 1 -1 0 of 58) 1 | 2 | 3 | 4 | 5 | 6 



System Overview 



0 All Systems 
2 All Events 



■ Systems 

B Private 

B Shared 

B Systems by Type I 
B Systems by Status 
B Systems by Operath 
B Clusters by Type 
B Clusters by Status 
B System Functions 
I Events 

B Private 

B Shared 

B Events by Severity 
B Login Events 
B Service Events 
BVPM Events 



■I 


Risk 


Vulnerability 
ID 


Description 


Advisory 


Requires 
Reboot? 


Source 


Released 




High 


W2663 


Graphics Rendering Engine Vulnerabilities 


MS05-053 


Yes 


MICROSOFT* 


November 
8,2005 


; 


Medium 


W2638 


Client Service for NetWare Vulnerability 


MS05-046 


Mo 


MICROSOFT 


October 
11,2005 




Low 


W2637 


Network Connection Manager Vulnerability 


MS05-045 


No 


MICROSOFT 


October 
11,2005 


w 


High 


W2575 


Plug and Play Buffer Vulnerability 


MS05-047 


No 


MICROSOFT 


October 
11,2005 


w 


Low 


W2585 


PKINIT Vulnerability 


MS05-042 


No 


MICROSOFT 


August 9, 
2005 




Medium 


W257S 


Kerberos Process Vulnerability 


MS05-042 


No 


MICROSOFT 


August 9, 
2005 




Low 


W2577 


Remote Desktop Protocol Vulnerability 


MS05-041 


No 


MICROSOFT 


August 9, 
2005 




Medium 


W2576 


Telephony Service Vulnerability 


M 305-040 


No 


MICROSOFT 


August 9, 
2005 


r 


High 


W2558 


Color Management Module Vulnerability 


MS05-036 


No 


MICROSOFT 


July 12, 
2005 


r 


Low 


W2524 


Telnet Client vulnerability - XP, 2003 


MS05-033 


No 


MICROSOFT 


June 14, 
2005 



1 Only those vulnerabilities that can be patched or fixed can be chosen. See scan results for information on fixing vulnerabilities which 
are not in this list. 

1 Reboot information is based on original vendor information. HP does not correct or validate this information. 
1 Sources listed with a "*" indicate that HP has corrected errors in the patch vendor's data feed. Data correction is only applied to 
patch metadata Vendor supplied patches are in no way altered by the patch correction process 



Deploying patches and fixes 



4. Select the systems on which to apply patches or fixes, and click Next. 



EsJ HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configure ▼ Diagnose 



Deploy Patch-Fix Based on a Vulnerability Scan 




Updated: Fri, 1 2C/2005, 1 0:54:33 . Ratch vu|nerataiHies founc| in a scan . 

OTA© 

4 10 o 44 uncleared Event st. step 3: Select one or more systems to patch 



advance 




Name | Syst 


1 


Type | Syst 





|7 VPM1 
Custc I □ VPM2 



Server 
Server 



16.1 27.37.243 
192.1 68.1 21 .1 



Product Name OS Na 



ProLiant DL360 G3 Windows 2003 Server 

ProLiant DL360 G3 Windows 2003 Server 




System Overview 



Ej All Systems 
I All Events 



■ Systems 
B Private 
_l Shared 



< Previous I Next > 



5. Designate when the patched systems will be rebooted. Reboots can be performed immediately 
after the patches or fixes are installed or postponed until later. The local user can also be given 
the option to accept or reject the reboot. 



NOTE: If the local user rejects the reboot, there will not be another automatic reminder. 



6. To deploy patches or fixes immediately, click Run Now. To schedule the patch or fix deployment, 
click Schedule. 




HP Systems Insight Manager 



Deploy Patch-Fix Based on a Vulnerability Scan 



Updated: Fri , 1 2/2/2005 ,11: 03: 33 . Target . vpM1 

OTA© 

4 1 o o 45 uncleared Event sis step 4: Select reboot policy after patching 



Ac 



System Overview 



Reboot at end of patch session - upon completion of all patches, reboot 
.Allow local user to accept/reject system reboot 



B All Systems 
2 All Events 



B Systems 

_l Private 

□ Shared 
Q Systems by Type 
Q Systems by Status 
Q Systems by Operath 
Q Clusters by Type 
Q Clusters by Status 

•I 1 



f No reboot - prevent reboots after patching 
Note: 

■ Systems needing reboot can be identified under Diagnose -> Vuinetabiiity and Patch Management -> View Patch Reboot Status 
Systems needing reboot can be manually rebooted, or a reboot can be initiated or scheduled. 



7. If scheduling the patch or fix deployment: 

c. Enter an appropriate name for the task or accept the default name, and select Once. 

d. Designate a time and date to run the task, and click Done. 
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Bsl HP Systems Insight Manager 



Tools f Deploy ▼ Configure ▼ Diagi 



Deploy Patch-Fix Based on a Vulnerability Scan 



Updated: Fri. 1 2G/2005, 11:06:33 . Ta|T|fit . vpM1 

©▼A© 

4 10 o 45 uncleared Event st; Step 5: Schedule Task 



: : 



System Overview 



Task name: Patch-Fix Based on a Scan 1 

When would you like this task to run? 

C Periodically 
C Once 
* Not scheduled 




El All Systems 
I All Events 



1 Private 

1 Shared 
D Systems by Type 
D Systems by Status 
D Systems by Operatii 
D Clusters by Type 
D Clusters by Status 

r 



In addition: 

I - Run when the central management server is started 
\~ Run now 



Refine schedule: 



f Disable this task 



8. View task results in the VPM Events list after the task completes. 

To view the list of target systems that require reboot, see the "Viewing the patch reboot status" 
section. 



Deploying patches without a vulnerability scan 

If a patch is released that must be deployed immediately, the patch can be applied without running a 
scan. In normal circumstances, HP recommends running a scan before deploying patches. 

To deploy patches to systems without running a scan: 

1 . Select Deploy> Vulnerability and Patch Management>Patch without a Scan. 

2. Select the target systems to patch either by selecting a group from the dropdown list or by 
selecting the individual systems. 

Click Apply. 



3. 



B3 HP Systems Insight Manager 



Deploy ▼ Configure ▼ Diagno; 




Reports ▼ Tasks & Logs ▼ Opt 



Apply Patch 



Updated: Fri, 1 2^/2005, 1 :21 :03 PI App|y patches fa se|ected systems 
© ! ! 



6 10 o 47 uncleared Event sta step 1: Select Target Systems 



eoSe 



No targets currently selected 



System Overview 



Add targets by selecting from: 



S All Systems 
i All Events 



All Systems 



□ systems 
_|Priuate 
B Shared 
D Systems by Type 
_l Systems by Status 
_l Systems by Operatii 
Q Clusters by Type 
D Clusters by Status I 

>J-Z 1 



□ Select "All Systems" itself 

Summary: © 3 Critical W 0 Major ib, 0 Minor Os Normal Do Disabled ©0 Unknown Total: 6 



^ HS MP SW VPM VM System Name ^ System Type System Address Product Hai 




F O ® ® O 
R O ® O 

F G ® ® G 

□ © © 

n ^ m m o_ 



VPM1 
VPM2 
VPM3 

cuiataa_2k3_02 
hB-oi70ma4svv9a 



Server 

Server 

Server 

Unmanaged 

Server 



16.1 27.37.133 
16.1 27.37.243 
192.1 68.121 .1 
16.1 27.37.185 
16.1 27.3! 



ProLiant DL360 03 
ProLiant DL360 G3 
ProLiant DL360 G3 



MicrosoftCR) Windows (R . . . 
Microsoft(R) Wlndows(R . . . 
MicrosoftCR) VVlndowsfR . . . 

MicrosoftCR l Windowsf R . . . 



4. Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, if 

necessary to reselect target systems, and click Next. 
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B3 HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug - 



Legend... 



Apply Patch 



Updated: Fri, 12/2/2005, 1:46:03 PI App|y patchesto se|eded systems . 



6 10 o 47 uncleared Event sta step 1: Verify Target Systems 








I OS 


Type 






□ 


VPM1 


Microsoft(R) WlndowsfR) Server 


Server 


Yes 


□ 


VPM2 


Microsoft(R) WindowsfFO Server 2003. Enterpris 


Server 


Yes 


□ 


VPM3 


Microsoft(R) VVlndows(R) Server 


Server 


Yes 



B All Systems 
a All Events 



5. If any selected systems are unlicensed or licensed with a time-limited license, permanent licenses 
can be applied at this time. If licenses are available, select any unlicensed system in the list to 
license, and click Apply License. To add licenses using a key string, click Add Key, enter the key 
string in the field, and click OK. 

IMPORTANT: If systems listed as Unknown or Unmanaged in HP SIM are selected for licensing, a 
server license is assumed and automatically applied. HP recommends modifying the HP SIM settings 
to properly identify systems before licensing. 

IMPORTANT: Any unlicensed systems not licensed at this time will not be included in the 
patch deployment. 



NOTE: If all target systems initially selected for the task are licensed with permanent licenses, the 
license validation page does not appear. 



Click Next. 



HP Systems Insight Manager 



T 



User: administrator 
Home | Sign Out 



▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug ▼ 



Legena - ^° Apply Patch 

Updated: Fri, 1 2^2/2005, 1:51 :34 PI Ucensed Nodes; vpM1 _ vpM2 

6 10 o 47 uncleared Event sta step 2: License unlicensed systems (optional) 



Some of the selected target systems are unlicensed or licensed with demo keys . Unlicensed systems cannot be included . 

If there are more unlicensed systems than licenses available and you have one or more keys providing additional licenses fortius product, use Add Key to add 
these keys. 



_l 



VPM Server Licenses Available: 1 



VPM Client Licenses Available: 5 



Type Model System IP Address 



!i! All Systems 
2 All Events 



■ Systems 
B Private 
Bshamrl 



J 



Licensed Systems: 2 

Server ProLiant DL36Q G3 1 92.1 68.1 21 .1 J 



< Previou 


n 


Add Key... 


^ ;i^iyLitbu-i3 | 


Hext> 



All patches included in the patch database appear. Clicking the entry in the Vulnerability ID or 
Advisory column displays additional information about the patch. The Requires Reboot column 
indicates if the patch requires the system to reboot after deployment. 

7. Select the vulnerabilities to which to apply patches, and click Next. 
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B3 HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug 



Apply Patch 



Updated: Fri, 1 2J2J2005, 2:01 :04 PI Tarqels: V PM1, VPM2, VPM3 
©V ! O 



6 10 o 47 uncleared Event sta step 3: Select one or more patches to apply 



System Overview 



0AII Systems 
I All Events 




All patches 
Microsoft patches 
(~ Red Hat patches 



Displaying Page 1 (results 1-1 Oof 769) 1|2|3|4|5|6|7|8|9|10 Next 



■ Systems 

B Private 

B Shared 

B Systems by Type 
B Systems by Status 
B Systems by Operatii 
B Clusters by Type 
B Clusters by Status 
B System Functions 
9 Events 

B Private 

B Shared 

B Events by Severity 
B Login Events 
B Service Events 
BVPM Events 



H| 


Risk 


Vulnerability 
ID 


Description 


Advisory 


Requires 
Reboot? 


Source 


Released 


fi? 


High 


W2663 


Graphics Rendering Engine Vulnerabilities 


MS05-053 


Yes 


MICROSOFT* 


November 
8,2005 


W 


Low 


W2651 


Web View Script Injection Vulnerability 


MS05-049 


No 


MICROSOFT 


October 
1 1 , 2005 


R? 


High 


W2650 


Internet Explorer COM Object Vulnerability - NT 4.0 


MS05-052 


Yes 


MICROSOFT* 


October 
1 1 , 2005 


F? 


High 


W2649 


DirectShow Unchecked Buffer Vulnerability - NT 4.0 


MS05-050 


Yes 


MICROSOFT* 


October 
1 1 , 2005 


F? 


High 


W2648 


Windows Shell .Ink Vulnerabilities - NT 4.0 


MS05-049 


No 


MICROSOFT 


October 
1 1 , 2005 


I* 


Medium 


W2647 


Plug and Play Validation Vulnerability - NT 4 .0 


MS05-047 


No 


MICROSOFT 


October 
1 1 , 2005 


& 


Medium 


W2646 


Client Service for NetWare Vulnerability - NT 4.0 


MS05-046 


No 


MICROSOFT 


October 
1 1 , 2005 




High 


W2644 


Internet Explorer COM Object Vulnerability 


MS05-052 


Yes 


MICROSOFT* 


October 
1 1 , 2005 




High 


W2643 


MSDTC and COM+ Vulnerabilities 


MS05-051 


No 


MICROSOFT 


October 
1 1 , 2005 




High 


W2642 


DirectShow Unchecked Buffer Vulnerability 


MS05-050 


Yes 


MICROSOFT* 


October 
1 1 , 2005 



• Reboot information is based on original vendor information HP does not correct or validate this information. 

< Sources listed with a "*" indicate that HP has corrected errors in the patch vernier's data feed. Data correction is only applied to 

patch metadata. Vendor supplied patches are in no way altered by the patch correction process. 
1 Make sure that the VPM Patch Agent is installed on the selected targets Otherwise the selected patches will fail to install 



8. Designate when the patched systems should be rebooted. Reboots can be performed 

immediately after the patches or fixes are installed or postponed until later. The local user can 
also be given the option to accept or reject the reboot. 

NOTE: If the local user rejects the reboot, there will not be another automatic reminder. 



9. To schedule patch deployment, choose one of the following options: 
o To deploy patches immediately, click Run Now. 
o To schedule the patch deployment, click Schedule. 



B5I HP Systems Insight Manager 



Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs -* 



Updated: Fri, 12C/200S, 2:27:34 PI Tarqels: VPM1i VP M2,VPM3 

© ! ! 

6 10 o 47 uncleared Event sta step 4: Select reboot policy after patching 



{*" Reboot at end of patch session - upon completion of all patches, reboot 
Allow local user to accept/reject system reboot 

O No reboot - prevent reboots after patching 



: - 



System Overview 



0AII Systems 
I All Events 



■ Systems 

B Private 

B Shared 

B Systems by Type 
B Systems by Status 
B Systems by Operatii 
B Clusters by Type 
B Clusters by Status 
Bsvstem Functions 



Systems needing reboot can be identified under Diagnose -> Vulnerability and Patch Management -> View Patch Reboot Status. 
Systems needing reboot can be manually rebooted, or a reboot can be initiated or scheduled. 



lions 



10. If scheduling the patch deployment: 
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a. Enter an appropriate name for the deployment task or accept the default name, and 
select Once. 

b. Designate a time and date to run the patch deployment task, and click Done. 
11. View task results in the VPM Events list after the task completes. 

To view the list of target systems that require reboot, see the "Viewing the patch reboot status" 
section. 



ewing the patch repository 



1 . Select Diagnose> Vulnerability and Patch Management>View Patch Repository. 

2. To filter the list of displayed patches, select the appropriate patch source from the list. To view 
information about a specific patch, click the patch identification number in the Advisory or 
Vulnerability ID column. 



f§J HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configure ▼ Diagnose ^ 



Tasks & Logs ▼ Options ▼ Help ▼ Debug ^ 



Updated: Fri, 12/2/2005, 2:37:04 PI 
© ! ! 

6 10 0 47 Uncleared Event Sta 



, ... .... 



System Overview 



0 All Systems 

1 All Events 



View Patch Repository 

View the patches that have been downloaded into the patch repository. 

Review all or a selected portion of the repository 



** All patches 

Microsoft patches 
C Red Hat patches 

Displaying Page 1 (results 1-1 Oof 769) 1|2|3|4|5|6|7|8|9|1Q Next 3 



■ Systems 

B Private 

O Shared 
D Systems by Type 
D Systems by Status I 
D Systems by Operath | 
D Clusters by Type 
D Clusters by Status 
D System Functions 
3 Events 

B Private 

B Shared 
B Events by Severity 
B Login Events 
B Service Events 
B VPM Events 



Risk 


Vulnerability 
ID 


Description 


Advisory 


Requires 
Reboot? 


Source 


Released 


High 


W2663 


Graphics Rendering Engine Vulnerabilities 


MS05-053 


Yes 


MICROSOFT* 


November 
8,2005 


Low 


W2651 


Web View Script Injection Vulnerability 


MS05-049 


No 


MICROSOFT 


October 1 1 , 
2005 


High 


W2650 


Internet Explorer COM Object Vulnerability - NT 4.0 


MS05-052 


Yes 


MICROSOFT* 


October 1 1 , 
2005 


High 


W2649 


DirectShow Unchecked Buffer Vulnerability - NT 4.0 


MS05-050 


Yes 


MICROSOFT* 


October 1 1 , 
2005 


High 


W2648 


Windows Shell .Ink Vulnerabilities - NT 4.0 


MS05-049 


No 


MICROSOFT 


October 1 1 , 
2005 


Medium 


W2647 


Plug and Play Validation Vulnerability - NT 4.0 


MS05-047 


No 


MICROSOFT 


October 1 1 , 
2005 


Medium 


W2646 


Client Service for NetWare Vulnerability - NT 4.0 


MS05-046 


No 


MICROSOFT 


October 1 1 , 
2005 


High 


W2644 


Internet Explorer COM Object Vulnerability 


MS05-052 


Yes 


MICROSOFT* 


October 1 1 , 
2005 


High 


W2643 


MSDTC and CQM+ Vulnerabilities 


MS05-051 


No 


MICROSOFT 


October 1 1 , 
2005 


High 


W2642 


DirectShow Unchecked Buffer Vulnerability 


MS05-050 


Yes 


MICROSOFT* 


October 1 1 , 
2005 



■ . 

■ Reboot information is based on original vendor information. HP does not correct or validate this information. 

■ Sources listed with a indicate that HP has conected enots in the patch vendor's data feed Data conection is only applied to 
patch metadata. Vendor supplied patches are in no way altered by the patch correction process. 



ewing the patch reboot status 

Certain patches require that the server be rebooted after installation. During patch deployment, the 
option can be selected to reboot the server later. The patch deployment is not complete until after the 
server has been rebooted. 

To view the patch status and initiate reboots for selected systems: 

1 . Select Diagnose>Vulnerability and Patch Management>View Patch Reboot Status. 

2. Select the target systems for which to view the reboot status either by selecting a group from the 
dropdown list or by selecting the checkbox next to individual systems. 

3. Click Apply. 
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I&3 HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug ▼ 



Legend... Customize... 
Updated: Mon, 1 2/5/2005, 1 0:59:1 9 AM CST 
©¥ A© 

6 10 0 46 Uncleared Event Status 



View Patch Reboot Status 

View patch reboot status of selected systems. 



Step 1: Select Target Systems 




No tiff juts currently selected 



System Overview 



0 All Systems 
3 All Events 



Atld targets by selecting from: 



| All Systems 



I Systems 
_J Private 
B Shared 

D Systems by Type 

_l Systems Ijy Status 

D Systems by Operating Systc 

D Clusters by Type 

D Clusters by Status 

_J System Functions 
I Events 
B Private 
B Shared 



□ Select "All Systems" itself 

Summary: © 3 Critical W 0 Major ! 0 Minor O 3 Normal □ 0 Disabled ©0 Unknown Total: 6 



HS MP SW VPM VM System Name ^ System Type System Addre 



0 


o 


® 


® 


o 


VPM1 


Server 


16.127.37.133 


ProLiant DL360 G3 


Microsoft(R) Wine 


0 


o 




® 


o 


VPM2 


Server 


16.127.37.243 


ProLiant DL360 G3 


Microsoft(R) Wine 


□ 


o 


® 


® 


o 


VPM3 


Server 


192.168.1 21 .1 


ProLiant DL360 G3 


Microsoft(R) Wine 


□ 


© 






® 


cuiaba_2k3_02 


Unmanaged 


16.127.37.185 






□ 


© 


® 


® 


© 


hp-oi70ma4sw9q 


Server 


16.127.38.53 


VMware Virtual F'latfor.. 


Microsoft(R) Wine 





> 



Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, if 
necessary to reselect target systems, and click Next. 



ESsI HP Systems Insight Manager 





B 


Legend... 


Customize... 


Updated: Mon, 1 2/5/2005, 11:10:20 AM CST 


©V AO 
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B 




Advanced Search... 






Customize... 




0 All Systems 




2 All Events 




m w 









T 



View Patch Reboot Status 

View patch reboot status of selected systems. 

Step 1: Verify Target Systems 



1 







05 


Type 


Tool launch OK? + 




VPM1 


Microsoft(R) WindowsfRI Server 


Server 


Yes 




VPM2 


Microsoft! R j VVindowsf R) Server 2003. Enterpris 


Server 


Yes 


□ 


VPM3 


Microsoft(R) Windows(R) Server 


Server 


Yes 



5. The patch reboot status for the selected systems appears in the Reboot Status column. Select the 
systems to reboot, and select if the local user of all the listed systems will be given the option to 
accept or reject the reboot. 



NOTE: If the local user rejects the reboot, there will not be another automatic reminder. 



NOTE: The Reboot Status column does not indicate that reboots are required for systems until after 
the patch deployment task is complete. 



6. To reboot the selected systems immediately, click Run Now. To schedule the reboot, click 
Schedule. 
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Eel HP Systems Insight Manager 



□B Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ▼ Debug - 



ustor re 



Updated: Mon, 1 2/5/2005, 1 1 :1 5:20 AM CST 

OTA© 
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View Patch Reboot Status 

View patch reboot status of selected systems. 



Step 2: View selected systems patch reboot status and select systems to reboot 





M I System Name 


I Reboot Status 


W VPM1 


Needed 


VPM3 


Not Needed 



Ei All Systems 
I All Events 



< 



1 Systems 
B Private 
J Sliai e<l 



3 0 



EH Allow local user to accept/reject system reboots 



7. If scheduling the reboot task: 

a. Enter an appropriate name for the reboot task or accept the default name, and select Once. 

b. Designate a time and date to run the reboot task, and click Done. 



Viewing patch installation status 



You can view consolidated reports showing patch installation status for all systems managed by 
Vulnerability and Patch Management Pack. The VPM Patch Agent updates the patch database with a 
list of all applicable patches, including patches installed by methods other than Vulnerability and 
Patch Management Pack. Patch reports display the installation status of these patches for each system. 
The recommended method for determining required patches is performing a vulnerability scan. 

You can view reports by systems or patches. A search filter is also available to view the status of a 
particular patch on a particular system. 

Information displayed in patch reports is obtained during the most recent patch deployment or 
validation task and, therefore, might not be current. The patch installation status can be updated by 
validating installed patches. For information, see the "Validating installed patches" section. 



ewing patch installation status by patch 



1 . Select Diagnose>Vulnerability and Patch Management>View Patch Installation Status>View by 
Patch. 

2. To filter the list of displayed patches, select the appropriate patch source from the list. To view 
information about a specific patch, click the patch identification number in the Advisory column. 
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B3 HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configure ▼ Diagno 



! ▼ Reports ▼ Tasks & Logs ▼ Optii 



Updated: Tue, 1 2/1 3/2005, 2:1 6:42 PM CST 
0 10 7 Uncleared Event Status 




View Patch Status By Patch 

View Patch Installation Status by Patch 

I View patch status for all or part of the repository 



(* All patches 

C Microsoft patches 

C Red Hat patches 

Displaying Page 1 (results 1 -1 0 of 20) <[\2 



System Overview 



H All Systems 
I All Events 



_l Priuate 
B Shared 

D Systems by Type 

_l Systems by Status 

_l Systems by Operating System 

Q Clusters by Type 

D Clusters by Status 

D System Functions 
1 Euents 
_l Priuate 
B Shared 

B Euents by Seuerity 

B Login Euents 

_l Service Euents 

J VPM Euents 




Click on the numbers inside the table for additional information. 



Aduisory 


Description 


Installed 


Hot 

Installed 


Other Total 


MS03-031 


Cumulative Patch for Microsoft SQL Server (81 5495) 


0 


J 


0 1 


MS05-004 


ASP.NET Path Validation Vulnerability (887219) 


1 


0 


0 1 


MS05-026 


Vulnerability in HTML Help Could Allow Remote Code Execution (896358) 


0 




0 1 


MS05-027 


Vulnerability in Server Message Block Could Allow Remote Code Execution 
(896422) 


0 




0 1 


MS05-032 


Vulnerability in Microsoft Agent Could Allow Spoofing (890046) 


0 




0 1 


MS05-033 


Vulnerability in Telnet Client Could Allow Information Disclosure (896428) 


0 




0 1 


MS05-036 


Vulnerability in Microsoft Color Management Module Could Allow Remote Code 
Execution (901 21 4) 


0 




0 1 


MS05-038 


Cumulative Security Update for Internet Explorer (896727) 


0 




0 1 


MS05-039 


Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation 
of Privilege (899588) 


0 




0 1 


MS05-040 


Vulnerability in Windows Telephony Service Could Allow Remote Code 
Execution (893756) 


0 


1 


0 1 



Viewing patch installation status by search filter 



Select Diagnose>Vulnerability and Patch Management>View Patch Installation Status>View by 
Search Filter. 

Enter a search parameter in the appropriate field, and click Search. You can view patches either 
by advisory number, target system, or the status of patches. Advisory numbers are in the form 
MS05-005 or RHSA-2005-05-850. 



User: administrator 
Home I Sign Out 



Qg| HP Systems Insight Manager 



System Status Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports * Tasks & Logs ^ Options 



Legend.. 



Customize... 



Updated: Tue, 12/13/2005, 2:55:42 PM CST 
OTA© 

0 10 7 Uncleared Event Status 




View Patch Status By Search Filter 

View Patch Installation Status by Search Filter 



Step 1: Enter search criteria 

I 



"31 



El All Systems 
2 All Events 



J A 



3. To view information about a specific patch, click the patch identification number in the Advisory 
column. 
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B3 HP Systems Insight Manager 



Tools ▼ Deploy ▼ Configi 



! ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Opt 



Legend... 



Updated: Tue, 1 2/1 3/2005, 3:03:42 PM CST 

©▼ AO 

Uncleared Event Status 



View Patch Status By Search Filter 

View Patch Installation Status by Search Filter 

Step 2: Search Results 




System Overview 



* All Systems 
» All Events 



1 



■ Systems 
B Private 
B Shared 

B Systems by Type 

_l Systems by Status 

B Systems by Operating Syste 

B Clusters by Type 

B Clusters by Status 

_J System Functions 
1 Events 
_l Private 



Device 


Advisory 


Description 


Requires 
Reboot 


Patch Status 


Date Status 


VPM1 


MS05-004 


ASP.NET Path Validation Vulnerability 
(88721 9) 


Yes 


Installed 


December 7, 2005 


VPM2 


MS05-045 


Vulnerability in Network Connection 
Manager Could Allow Denial of Service 
(90541 4) 


No 


Installed 


December 7, 2005 


VPM3 


MS05-046 


Vulnerability in the Client Service for 
NetWare Could Allow Remote Code 
Execution (899589) 


No 


Installed 


December 7, 2005 


VPM4 


MS05-049 


Vulnerabilities in Windows Shell Could 
Allow Remote Code Execution (900725) 


No 


Installed 


December 7, 2005 


VPM5 


MS05-050 


Vulnerability in DirectShow Could Allow 
Remote Code Execution (904706) 


Yes 


Installed 


December 7, 2005 


VPM6 


MS05-051 


Vulnerabilities in MSDTC and COM+ Could 
Allow Remote Code Execution (902400) 


No 


Installed 


December 7, 2005 



1 



ewing patch installation status by system 



1 . Select Diagnose> Vulnerability and Patch Management>View Patch Installation Status>View by 
System. 

2. Click the entry in the Installed, Not Installed, or Other column for a system to display additional 
information about patches for that system. An entry in the Other column indicates that 
Vulnerability and Patch Management Pack cannot determine if the patch has been installed, 
possibly because adequate information was not provided by the patch vendor. 



HP Systems Insight Manager 



System Status B 


Legend... 


Customize... 


Updated: Tue, 1 2/1 3/2005, 3:21:13 PM CST 






0 10 7 Uncleared Event Status 


Search 


□ 




Advanced Search... 






BIB 


Customize... 


System Overview 


0 All Systems 




i All Events 





T 



User: administrator 
Home | Sign Out 



Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help - 



View Patch Status By System 

View Patch Installation Status by System 



Deuice 




I Installed 


I Hot Installed 






VPM1 


December 7, 2005 


6 


15 


0 


21 


VPM2 


December 7, 2005 


5 


1 


0 


6 


VPM3 


December 7, 2005 


6 


15 


0 


21 



■ USick on the numbers inside the table for additional information. 



■ Systems 

B Priuate 

B Shared 
B Systems by Type 
B Systems by Status 



ig.SvstjZJ 



ewing the patches installed by Vulnerability and Patch 
Management Pack 

A list of patches that have been applied by Vulnerability and Patch Management Pack is maintained 
for each system. To view the list of patches for an individual system: 

1 . Select Diagnose> Vulnerability and Patch Management>View Patch Installation Status>View 
Patches Installed by VPM. 

2. Select the system for which to view patches installed, and click Apply. 
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HP Systems Insight Manager 



System Statu 



Updated: Mon, 1 2/5/2005, 2:25:39 PM CST 

©T A© 
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Deploy f Config 



View Patches Installed by VPM 

View patches installed by VPM. 

I Step 1: Select Target Systems 

No targets currently selected 




System Overview 



0 All Systems 
2 All Events 



J Systems 
_l Private 
B Shared 

D Systems by Type 

_l Systems liy Status 

D Systems by Operating Systc 

D Clusters by Type 

Q Clusters by Status 

_l System Functions 
I Events 
B Private 
B Shamf I 



Acid tai yets by selecting f rem: 



All Systems 



O Select "All Systems" itself 



Summary: ©4 Critical 


' 0 Major 


ZliO Minor O 2 Normal Disabled 


© 0 Unknown 


Total: 6 




g HS MP SW 


VPM | UM 


System Nime ^ 


System Type 


System Addre 


ss | Product Name 


| 05 Name 


0 O ® ® 


o 


VPM1 


Server 


16.1 27.37.1 33 


ProLiant DL360 G3 


Microsoft(R) Wine 


□ O ® 


© 


VPM2 


Server 


16.1 27.37.243 


ProLiant DL360 G3 


Microsoft(R) Wine 


□ © ® ® 


o 


VPM3 


Server 


192.163.121 .1 


ProLiant DL360 G3 


Microsoft(R) Wine 


□ O 


® 


cuiaba_2k3_02 


Unmanaged 


16.1 27.37.1 85 






□ O ® ® 


o 


hp-oi70ma4svv9q 


Server 


16.1 27.38.53 


VMware Virtual Platfor.. 


Microsoft(R) Wine 








mi 






> 



3. Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, if 

necessary to reselect target systems, and click Next. 



B3 HP Systems Insight Manager 



System Status □( Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Optimize ▼ Reports ▼ Tasks & Logs ▼ Options ^ 



T 



User: administrator 
Home | Sign Out 



Updated Tue, 1 2 /1 3/2005, 2:46:1 7 PM CST yj ew p a t C heS Installed by VPM 

View patches installed on a single system. 



OTA© 

4 24 1 29 Uncleared Event Status 



Step 1: Verify Target Systems 



Advanced Search... 




| Type 


| Tool lai 






I □ VPM1 Microsoft(R) Wlndows(R) Server 


Server 


Yes 





1 



> s ■ 



\K\ All Systems 
1 All Events 



H Systems 
B Private 

lJ I 



"J 



The list of patches installed on the system by Vulnerability and Patch Management Pack appears. 
The Status column indicates one of the following states for each patch: 

Install - Successful— The patch installation completed successfully. 

Install - Unsuccessful— The patch installation did not complete successfully. 

Install - Restore— The patch was previously installed, removed, and restored. 

Reboot Required— The patch requires a reboot, which has not yet been performed. 

Not Applicable— The patch was not installed because it was not needed on this system. 
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dating installed patches 



Patch validation identifies any missing patches on target systems and immediately reinstalls the patch, 
creating a patch deployment event in HP SIM. If a VPM Patch Agent update has been acquired, the 
update is also automatically applied. If reinstalled patches require selected target systems to be 
rebooted, this action is automatically deferred. The reboot status can be viewed after a validation task 
has completed by selecting Diagnose>Vulnerability and Patch Management>View Patch Reboot 
Status. 

Schedule a task to periodically verify that deployed patches are still installed on the target systems. 
Scheduling the task determines how often the VPM Patch Agent performs the verification. 

1. Select Deploy>Vulnerability and Patch Management>Validate Installed Patches. 

2. Select the target systems for which to validate installed patches by selecting a group from the 
dropdown list or selecting the individual systems. 

3. Click Apply. 
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Validate Installed Patches 

Periodically verify that deployed patches are still installed on the target systems. 



Step 1: Select Target Systems 




No targets currently selected 



System Overview 



ED All Systems 
I All Events 



I Systems 
B Private 
O Shared 

Q Systems by Type 

D Systems by Status 

Q Systems by Operating Systc 

Q Clusters by Type 

D Clusters by Status 

Q System Functions 
1 Events 
_J Private 
B Sbarecl 



Add targets by selecting from: 



| All Systems 



□ Select "All Systems" itself 



> 



Summary: ( 


i 3 Critical 


1 0 Major 


A 0 Minor O 3 Normal Ho Disabled 


©0 Unknown 


Total: 6 






■ |" 


MP | 5W 


VPM | VM 


System Name 


-f | System Type 


System Addres 


■ | Product Name 


| 05 Name 




0 o 




o 


VPM1 


Server 


16.127.37.133 


ProLiant DL360 G3 


Microsoft(R) Wine 




0 o 


® 


o 


VPM2 


Server 


16.127.37.243 


ProLiant DL360 G3 


Microsoft(R) Wine 




\m o 


® ® 


o 


VPM3 


Server 


192.168.1 21 .1 


ProLiant DL360 G3 


Microsoft(R) Wine 




□ o 




® 


cuiaba_2k3_02 


Unmanaged 


16.127.37.185 








□ © 


® ® 


o 


hp-oi70ma4svv9q 


Server 


16.127.38.53 


VMware Virtual Platfor.. 


Microsoft(R) Wine 




















< 














a 



Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, if 

necessary to reselect target systems, and click Next. 



Deploying patches and fixes 72 



Gsl HP Systems Insight Manager 



□ B Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Options ▼ Help ^ 



EE 
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Validate Installed Patches 

Periodically verify that deployed patches are still installed on the target systems. 

Step 1: Verify Target Systems 



a 

A- 

I 





Name 


05 


Type 


Tool launch OK? ^ 


□ 


VPM1 


MicrosoftfR] Windows(R) Server 


Server 


Yes 


□ 


VPM2 


Microsoft(R') WindowsfFO Server 2003. Enterpris 


Server 


Yes 


□ 


VPM3 


Microsoft(R) Windows(R) Server 


Server 


Yes 



5. Enter an appropriate name for the validation task, or accept the default name. 

6. To schedule the validation task, choose one of the following options: 

o To validate the installed patches immediately, select Run now, and click Done, 
o To schedule the validation task to run on a regular basis, select Periodically, 
o To run the task one time, select Once. 

7. Designate a time and date to run the validation task, and click Done. 



NOTE: Multiple patch validation tasks can be scheduled at different frequencies for groups of 
target systems. 
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Validate Installed Patches 

Targets: VPM1, VPM2.VPM3 

Step 2: Schedule Task 



Task name: Validate Installed Patches 1 



S All Systems 
a All Events 



I Systems 
B Private 
B Shared 

_J Systems l>y Type 
B Systems hy Status 

Sy stems l>y Opei.itin<j Syst* 
_l Olustei s l>y Type 
B Clusters hy Status 
B System Functions 



a: 




When would you like this task to run? 

O Periodically 
Once 

Not scheduled 



In addition: 

I | Run when the central management server is started 
| | Run now 



I - III- < lk<H|u|<-' 



Disable this task 



8. View task results in the VPM Events list after the task completes. 

Deploying the VPM Patch Agent 

The VPM Patch Agent is automatically deployed when target systems are licensed to allow patches to 
be applied to the systems. If the VPM Patch Agent is removed from a system for any reason or is not 
properly deployed to the target system, complete the following instructions to deploy the VPM Patch 
Agent. 
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NOTE: If the VPM Patch Agent deployment failed, be sure that the system is accessible by selecting 
Options>Protocol Settings>System Protocol Settings and verifying that the WBEM credentials have 
been configured properly. 

To deploy the VPM Patch Agent to systems to enable patching: 

1. Select Deploy> Vulnerability and Patch Management>VPM Patch Agent. 

2. Select the target systems on which to deploy the VPM Patch Agent either by selecting a group 
from the dropdown list or by selecting the systems. 

3. Click Apply. 

7T 



User: administrator 
Home I Sig n Out 
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Deploy VPM Patch Agent 

Deploy the VPM patch agent to selected systems. 



Legend... 


Customize... 


Updated: Mon, 12/5/2005, 2:25:39 
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Search 




■ 




Advanced Search... 


Systems and Events ll 


|H Customize... 


System Overview 


0 All Systems 






I All Events 






_l Systems 






Pi ivnite 






Sli.ii e<l 






_l Systems lny Type 






Q Systems liy Status 






D Systems by Operating Systf 




_l Clusters l)y Type 






D Clusters by Status 




J 


D System Functions 






B Events 






_l Private 






D Shared 






> 









Step 1: Select Target Systems 



No tttf juts currently selected 



Add targets hy selecting from: 



All Systems 



□ Select "All Systems" itself 
Summary: © 4 Critical ! 0 Major l 0 Minor 2 Normal 0 Disabled 



P 0 Unknown Total: 6 



HS MP SW VPM VM System Name + System Type System Address Product Na 



0 


o ® 


® o 


VPM1 


Server 


16.127.37.133 


ProLiant DL360 G3 


Microsoft(R) Wine 


A 


0 


o 


® o 


VPM2 


Server 


16.127.37.243 


ProLiant DL360 G3 


Microsoft(R) Wine 




0 


o ® 


® o 


VPM3 


Server 


192.1 68.121 .1 


ProLiant DL360 G3 


Microsoft(R) Wine 




□ 


© 


® 


cuiaba_2k3_02 


Unmanaged 


16.127.37.185 








□ 


© ® 


® © 


hp-oi70ma4svv9q 


Server 


16.127.38.53 


'v'Mware Virtual Platter.. 


Microsoft(R) Wine 
> 





4. Verify that the correct target systems appear in the lists, click Add Targets or Remove Targets, if 

necessary to reselect target systems, and click Next. 
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Deploy VPM Patch Agent 

Deploy the VPM patch agent to selected systems. 

Step 1: Verify Target Systems 



Systems and Events 



v : :: .... .. v 



0 All Systems 
2 All Events 



■ Name OS | Type 


Tool launch OK? 




□ 


VPM1 


Microsoft(R) Windows(R) Server 


Server 


Yes 


□ 


VPM2 


MicrosoftfR') WindowsCR) Server 2003. Enter 


Server 


Yes 


□ 


VPM3 


Microsoft(R) Windows(R) Server 


Server 


Yes 



Add Targets I Hsino'js TurijsLa 



5. If any selected systems are unlicensed or licensed with a time-limited license, permanent licenses 
can be applied at this time. If licenses are available, select any unlicensed system in the list to 
license, and click Apply License. To add licenses using a key string, click Add Key, enter the key 
string in the field, and click OK. 



IMPORTANT: If systems listed as Unknown or Unmanaged in HP SIM are selected for licensing, a 
server license is assumed and automatically applied. HP recommends modifying the HP SIM settings 
to properly identify systems before licensing. 
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IMPORTANT: Any unlicensed systems not licensed at this time will not be included in the VPM Patch 
Agent deployment. 



NOTE: If all target systems initially selected for the task are licensed with permanent licenses, the 
license validation page does not appear. 



6. Click Next. 



User: administrator 
Home | Sign Out 
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: 



IZI All Systems 
I All Events 



■ Systems 
B Private 
_l Shared 



Deploy VPM Patch Agent 

Licensed Nodes: VPM1, VPM2 

Step 2: Licence unlicensed systems (optional) 

Some of the selected target systems are unlicensed or licensee! with demo keys. Unlicensed systems cannot be included. 

If there are more unlicensed systems than licenses available and you have one or more keys providing additional licenses for this product, use Add 
I Keyto add these keys. 



UPM Oeiuei Licenses AvniitaMe: 1 


UPM Client Licenses Available: 5 


Licensed Systems: 2 


aj System Name Status 


Operating System 


Type Model System IP Addreri 


| □ VPM3 Not licensed 


Microsoft(R) Wlndows(R) Server 2003 


Server ProLiant DL360 G3 16.127.37.133 




mi 


J H 












| Add Key... | djajUj, Lfcerise | Next:* | 



7. If the server type is identified as Unknown or Unmanaged with no identified operating system in 
the HP SIM console, select the appropriate operating system, and click Next. 
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Home | Sign Out 
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Legend... 


Customize... 
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Search 


B . 




Search 


Advanced Search... 




OB 


Customize... 




- 71 All Systems 




■* All Events 




_l Systems 




_l Private 




□ shared 




D Systems hy Type 




<J 1 E 



Deploy VPM Patch Agent 

Targets: 1 6 .1 27 .37 .1 33 , 1 6 .1 27 .37 .243 , cuiaba 

Step 3: Defining appropriate operating system for each target 



HP SIM does not have information about the operating system for some targets you selected. 

In order to be able to deploy the VPM patch agent, choose the appropriate operating system for the targets listed below: 



16.127.37.243 16.127.37.243 



Operating System 



Windows Linux 



This information is used only for patch deployment and will not update the HP SiM database. 



8. To deploy the VPM Patch Agent immediately, select Run now, and click Done. 

To schedule the agent deployment, select Once, designate the appropriate date and time, and 
click Done. 



NOTE: Patches cannot be applied to systems until after the scheduled task completes and the 
VPM Patch Agent is applied successfully. 
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vi" mctd Sen, cii 



0 All Systems 

1 All Events 



I Systems 
B Private 
O Shared 

D Systems by Type 

D Systems by Status 

D Systems by Operating Systi | 

_l Clustei s by Type 

□ dusters by Status 

D System Functions v 

I 0 



Step 4: Schedule Task 



T^sk ihime: VPM Patch Agent 1 



When would you lihe this tash to run? 

0 Periodically 
0 Once 

Not scheduled 



In addition: 

I | Run when the central management server is started 
| | Run now 



Peril ie lie lu e- 



Disable this task 



9. View task results in the VPM Events list after the task completes. 



Removing patches 

Only patches that can be removed appear on the patch removal page. Only Microsoft patches 
including vendor-provided uninstallation patches can be removed, provided these patches were 
installed by Vulnerability and Patch Management Pack. Vulnerability and Patch Management Pack 
cannot remove configuration fixes or Red Hat patches. Vulnerability and Patch Management Pack 
does not perform dependency checking before removing patches. HP recommends extreme care 
when removing patches. 

To remove patches after they have been applied to systems: 

1. Select Deploy> Vulnerability and Patch Management>Remove Patch. 

2. Select the patches to remove, and click Next. 

NOTE: Manual reboot of the target system might be required to remove certain patches. 
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Gsl HP Systems Insight Manager 
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Home | Sign Out 



Debug -< 
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System Overview 



* All Systems 

* All Events 



J Systems 
_J Private 
Sliai e<l 

Q Systems by Type 

_l Systems liy Status 

_l Systems by Operating System 

Q Clusters by Type 

_l Clusters by Status 

Q System Functions 
J Events 
D Private 
B Shared 

_l Events by Severity 

_J Login Events 

_l Service Events 

D VPM Events 



Tools ▼ Deploy ▼ Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Opt 



Remove Patch 

Uninstall one or more patches from target systems. 



Step 1: Select one or more patches to remove 




□ 




0 


Low 


W2651 


Web View Script Injection Vulnerability 


MS05-049 






□ 


High 


W2650 


Internet Explorer COM Object Vulnerability - NT 4.0 


MS05-052 








□ 


High 


W2649 


DirectShow Unchecked Buffer Vulnerability - NT 4.0 


MS05-050 








□ 


High 


W2648 


Windows Shell .Ink Vulnerabilities - NT 4.0 


MS05-049 








□ 


High 


W2644 


Internet Explorer COM Object Vulnerability 


MS05-052 








□ 


High 


W2643 


MSDTC and COM+ Vulnerabilities 


MS05-051 






J 


□ 


High 


W2642 


DirectShow Unchecked Buffer Vulnerability 


MS05-050 








□ 


High 


W2641 


Wndows Shell .Ink Vulnerabilities 


MS05-049 




v 








INI 




1 


0 





Reboot mfo/mation is based on original vendoi information. HP does not coned oi validate this information 
Sources listed with a "*" indicate that HP has corrected errors in the patch vendor's data feed. Data correction is only 
applied to patch metadata. Vendor supplied patches are in no way altered by the patch correction process. 
Manual confirmation at the target system might be required to remove certain patches. 



3. Select the systems on which to remove the designated patches. 

4. To remove the patches immediately, click Run Now. To schedule the patch removal, 
Schedule. 



click 



B3 HP Systems Insight Manager 



Status 



l ,-n?r,n 



' ■: : : 



Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Opti 



Updated: Thu, 12/15C005, 3:53:17 PM CST 

©▼A© 

9 44 31 75 Uncleared Event Status 



Remove Patch 

undefined: Uninstall one or more patches from target systems. 

Step 2: Select targets to remove patch 





~ :.. : - : '.: 



E All Systems 
I All Events 



B Systems 
_|Priuate 
B Shared 

D Systems by Type 

1 





System Name 


System Type 


System Address 


Product Name 


OS Name 


0 pval 


Server 


170.50.6.130 


ProLiant DL3B0 G3 


Windows 2003 Server 


□ 


pva2 










□ 


vpm5 


Server 


170.50.4.146 


ProLiant DL360 G4 


Windows 2003 Server 


□ 


vpmEl 


Server 


170.50.4.140 


ProLiant DL360 G4 


Windows 2003 Server 


□ 


vprn7 


Server 


170.50.6.70 


ProLiant DL360 G4 


Windows 2003 Server 
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5. If scheduling the patch removal task: 

a. Enter an appropriate name for the removal task or accept the default name, and select Once. 

b. Designate a time and date to run the removal task, and click Done. 



B3 HP Systems Insight Manager 
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Search 


□ 




Advanced Search... 




ma 


Customize... 


System Overview 


* All Systems 




» All Events 





Remove Patch 

Target: pval .cca.cpqcorp.net 

I Step 3: Schedule Task 

Task name: |Remove Patch 1 



Configure ▼ Diagnose ▼ Reports ▼ Tasks & Logs ▼ Optir 



When would you like this task to run? 

C Periodically 

(* Once 

C Not scheduled 



Refine schedule: 



■ Systems 
B Private 
B Shared 

B Systems by Type 

_l Systems by Status 

B Systems by Operating Syste 

B Clusters by Type 

B Clusters by Status 



In addition: 
I - 

\~ Run now 



On 12/15/05 at 4:00 



|PM 



I - Disable this task 



User: administrator 
Home | Sign Out 



] 



6. View task results in the VPM Events list after the task completes. 

If the patch removal requires the target system to be rebooted, this action is automatically deferred. 
The reboot status can be viewed after a patch removal task has completed by selecting 
Diagnose>Vulnerability and Patch Management>View Patch Reboot Status. 
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Troubleshooting 



This section identifies and provides solutions for commonly encountered issues, as well as answers to 
frequently asked questions. The following topics are included: 

• Vulnerability and Patch Management Pack installation and configuration 

• Vulnerability scans 

• Patches and configuration fixes 

• HP SIM integration 

Vulnerability and Patch Management Pack 
installation and configuration 

Viewing Vulnerability and Patch Management Pack installation 
logs 

The Vulnerability and Patch Management Pack installation logs, which list the details of the installation 
of each Vulnerability and Patch Management Pack component, are located at 
%HOMEDRIVE%:\vpmsetuplogs, where HOMEDRIVE is usually the C drive. You can view the 
following logs: 

• vmpsetup.log— Contains log information from the main installer, including calls and result codes 
from the execution of component installers 

• vmpsrvsetup.log— Contains log information about the creation of the Vulnerability and Patch 
Management Pack directories and menus in the VPM server 

• vmpsimsetup.log— Contains log information from the HP SIM component installation 

• RCS. log— Contains information about the installation of the Radia Configuration Server, which 
manages vulnerabilities based on policies established by HP SIM 

• RPS. log— Contains information about the installation of the Radia Proxy Server, which is used as 
the central patch repository 

• RMS. log— Contains information about the installation of the Radia Messaging Server, which is a 
messaging service used to communicate Vulnerability and Patch Management Pack status 
information 

• RPM. log— Contains information about the installation of the Radia Patch Manager (Server), 
which acquires security patches from the Internet, loads them into the Radia Configuration 
Server, and synchronizes this information in the database 

• RMP. log— Contains information about the installation of the Radia Management Portal, which is 
used to initiate the installation of the VPM Patch Agent and perform Vulnerability and Patch 
Management Pack actions on remote systems 

• Radiawrp.log— Contains an installation summary of the previous five components 
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Vulnerability and Patch Management Pack installation updates 
MDAC and MSDE 

If MSDE or files used by MSDE are not up-to-date, files are updated during the Vulnerability and Patch 
Management Pack installation. The server is rebooted after updated files are installed. In this situation, 
the Vulnerability and Patch Management Pack installation must be restarted. 

An error occurs when installing MSDE files from a Remote 
Desktop session 

Install Vulnerability and Patch Management Pack using the system console instead of a Remote 
Desktop session. For additional information, see http:/ / support.microsoft.com/ default.aspx?scid= 
kb;en-us;246694&sd=tech . 

Vulnerability and Patch Management Pack installation fails 
with There Are No Configuration Files error 

This error occurs because the metabase, the configuration files used for IIS, has been corrupted. To 
resolve: 

1. Download metaedit from http:/ / download.microsoft.com/ download/iis50/ utility/ 5.0/NT45/ 
EN-US/MtaEdt22.exe . 

2. Double-click MtaEdt22.exe. 

3. Locate STATScanner at LM\W3SVC\1 \ROOT, and click Delete. 

4. Restart the Vulnerability and Patch Management Pack installation. 

STAT Scanner WSI Requires IWAM and IUSR error 
occurs during Vulnerability and Patch Management 
Pack installation 

This occurs when the server name has been changed after IIS was installed. IIS must be uninstalled 
and reinstalled before Vulnerability and Patch Management Pack can be installed. 

Installation fails with Product RMS not installed: 
Service RMS error. The specified service does 
not exist as an installed service (0x424) 

If the password of the account used to install Vulnerability and Patch Management Pack contains curly 
braces, "{" or "}," the Radia component installation fails. To correct this, either complete the following 
steps to temporarily change the install account password or create a new local account with 
administrator privileges to use to perform the installation. 

1. Change the password to remove the illegal characters. 

2. Select Start>Control Panel>Administrative Tools>Services. 

3. Right-click HP Systems Insight Manager, and select Properties. 
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4. Click the Log On tab, and update with the new password. 

5. Click the General tab, and click Stop>Start to restart the HP SIM service. 

6. Right-click IIS Admin Service, and select Restart. Click Yes to confirm. 

Proceed with the Vulnerability and Patch Management Pack installation. If necessary, the installation 
account credentials can be changed back after the installation completes. Repeat steps 2 through 6 
after the password has been changed, and then see the "Using the Change VPM Credentials Utility" 
section to update the Vulnerability and Pack Management Pack password. 

Vulnerability and Patch Management Pack installation fails 

• Be sure the VPM server can effectively communicate with other networking components, such as 
the database and HP SIM server (if separate). 

• If the VPM server has multiple IP addresses, be sure Name Resolution is used for both 

• If IPv6 is enabled, uninstall from the network interface card being utilized for Vulnerability and 
Patch Management Pack communication. 

• If the Vulnerability and Patch Management Pack installation was attempted multiple times, reboot 
before attempting the installation again. 

Cannot modify VPM acquisition settings to acquire updates 
from a local repository 

A patch acquisition must have already been run using the VPM Acquisition Utility and saved to the 
designated directory before VPM acquisition settings can be modified to acquire updates from a local 
repository. For information about acquiring patches using the VPM Acquisition Utility, see the 
" Acquisitions using the VPM Acquisition Utility" section. 

Required open ports 

The following ports must be open on target systems to allow successful scanning with Vulnerability 
and Patch Management Pack: 

Hir IMPORTANT: If a proxy server is used, it must be configured to allow both HTTP and FTP traffic. 



NOTE: These ports are opened automatically when Vulnerability and Patch Management Pack is 
installed on a Windows XP SP2 system. By default, Internet Connection Firewall closes some of 
these ports. Be sure that the ports listed are open. 



• TCP 22-SSH 

• TCP 1 35, 1 37, 1 38, 1 39, 443, and 445-NetBIOS and SSL, used by the Vulnerability and 
Patch Management Pack scanning components 

• TCP 2301 and 49400-HP Management Agents 

• TCP 3463, 3464, 3466, and 3465 — Used by Vulnerability and Patch Management Pack 
patching components 

The following ports must be open on the VPM server: 

• TCP 80— HTTP Web server, if an HTTP connection is used between the VPM and HP SIM servers 
(TCP 443 must be open if an HTTPS connection is used) 

• TCP 445— MSDE named pipes communications 
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• UDP 1433, 1434-MSDE Shared Instance Support 

• TCP (variable)— MSDE TCP/IP communications. This port, assigned at random by MSDE during 
installation, can be identified by selecting Start>Run, entering svrnetcn.exe, and clicking OK. 
Select Computername\Device from the Server Instances dropdown menu. In the Enabled 
Protocols list, select TCP/IP>Properties. The port number appears. The port number can be 
changed at this time, if necessary. 

The following ports are used by HP SIM and must be open: 

• TCP 22-SSH 

• UDP 161— SNMP 

• UDP 162-SNMP trap 

• TCP 280-HTTP 

• TCP 5989-WBEM/WMI Mapper secure 

• TCP 50000- HTTPS 

• TCP 50001 -Secure SOAP 

• TCP and UDP 53-DNS 

Modifying firewall configuration settings 

To ensure that Vulnerability and Patch Management Pack can obtain updates, be sure that your 
firewall is configured for access to ftp://ftp.hp.com/pub/essentials/vpm/ . 

Configuring a DNS server 

If no DNS server exists in the server network, update the host files on both the HP SIM and VPM 
servers (if separate) with the IP and Network Naming. These files are located at 
C:\Windows\system32\Drivers\etc. The target systems must be able to resolve the VPM server name 
to an IP address. 

The server host name where HP SIM and VPM are installed must be correctly configured for name 
resolution and reverse lookup. To determine if DNS is properly configured, use the nslookup 
command, passing both the host IP address and the fully qualified hostname. 

If using DHCP, verify the following configurations in the advanced TCP/IP properties: 
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Advanced TCP/IP Settings 



IP Settings] DNS [wiNS Options 



DNS server a: : -esses. - :-:e- :- -se: 



jlJ 



The following three settings are applied to all connections with TCP/IP 
enabled. For resolution of unqualified names: 

0 Append primary and connection specific DNS suffixes 

| | Append parent suffixes of the primary DNS suffix 
0 Append these DNS suffixes lin order}: 



americas.hpqcorp.net 

hpqcorp.net 

cpqcorp.net 



" , 3 s._- v - : - :- s ; : - - e : - : a - e - : as upcorp .net 



0 Register this connection's addresses in DNS 
] Use this connection's DNS suffix in DNS registration 




Be sure that the DNS suffix for this connection field has the correct DNS suffix and that both the 
Register this connection's addressees in DNS and Use this connection's DNS suffix in DNS registration 

are selected. 



All target systems do not have the same administrator 
credentials 

For target systems that have individual administrator credentials, configure WBEM credentials 
individually to enable access to these target systems. 

1. From within HP SIM, select Options>Protocol Settings>System Protocol Settings. 

2. Select the system to configure, and click Apply. 

3. Enter the appropriate WBEM credentials, and click Run Now. 

Multiple VPM servers 

Target systems cannot be scanned and patched by multiple VPM servers. The deployed VPM Patch 
Agent is set up to respond to only one VPM server. 

Administrator credentials have been changed 

If the administrator credentials have been changed for target systems, the WBEM credentials must be 
reconfigured. To reconfigure Global Protocol Setting, select Options>Protocol Settings>Global Protocol 
Settings. To reconfigure System Protocol Settings, select Options>Protocol Settings>System Protocol 
Settings. 

Changing the IIS IWAM user name and password 

HP recommends that the \WAtA_hostnome and \\JSR_hostnome accounts not be modified after they 
are installed by IIS. Modifying these accounts corrupts the rights and security privileges of 
Vulnerability and Patch Management Pack and IIS components. 
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For information about backing up and restoring the ISS Metabase, see 

http://www.microsoftxom/technet/prodtechnol^ 

488f-a8dd-1 3044fa623a1 .mspx 

The IIS Certificate has expired and the Vulnerability and Patch 
Management Pack connection must be reconfigured to use an 
HTTP connection 

HP recommends using a secure HTTPS connection between the HP SIM server and the VPM server, 
when these components are installed on separate servers. However, if you currently have an HTTPS 
connection that must be reconfigured to HTTP: 

1. Remove the SSL certificate from IIS. 

2. Change the IIS configuration to accept both HTTP and HTTPS connections: 

a. Open Internet Information Services Manager. 

b. Locate STATScanner under Default Web Site on the local computer. 

c. Right-click STATScanner, and select Properties. 



Internet Information Se 



Internet Information Services 
El- JJ CUIABA (local computer) 
□■■Cl Web Sites 

Default Web Site 



File Action View Help 



in m | x & ® Li 



I IISHelp 
li Printers 



E O Update 
Default SMTP Virtual 



S|ft| ► ■ II 



CH Update 
@ Soapbox.dll 
[^| SoapboxIsapi.dll 



| Path 



Explore 




Open 




Browse 




New 




All Tasks 




View 




Delete 




Refresh 




Export List,.. 




_^ Properties 





Help 



LL 



d. Click the Directory Security tab. 

e. Click Edit in the Secure Communications field. 
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STATScanner Properties 



Virtual Directory | Document<|T) irectcry Secuj yJ>|TTP Headers | Custom Err 



-Anonymous access and authentication control 

Enable anonymous access and edit the 
authentication methods for this resource. 



"Edit: 



IP address and domain name restrictions 

jQ] Grant or deny access to this resource using 
(ara) IP addresses or internet domain names. 



Edit... 



r Secure communications - 



Require secure communications and 
enable client certificates when this 
resource is accessed. 



Server Certificate... 



View Certificate... 



Edit... 



OK 



Cancel 



Apply 



Help 



f. Clear the Require secure channel (SSL) option, and click OK>OK. 



Secure Communications 



Require secure channel [SSL] 




V Require 1 28-bit encryption 



-Client certificates — 
(* Ignore client certificates 
C Accept client certificates 
C Require client certificates 



V Enable client certificate mapping 

Client certificates can be mapped to Windows user 
accounts. This allows access control to resources using 
client certificates. 



EdiL 



□ K 



Cancel 



Help 



linstalling Vulnerability and Patch Management Pack 

Use either of the following methods to uninstall Vulnerability and Patch Management Pack. The 
Vulnerability and Patch Management Pack uninstallation must be performed from the VPM server. 

Vulnerability and Patch Management Pack scan results can be retained after uninstallation. The last 
scan performed can be accessed from the VPM column. If you choose to delete scan results, the VPM 
column is set to an initialized state. See the "Hiding the VPM column in the HP SIM console" section 
to hide the VPM column. 



Hir IMPORTANT: Be sure that no vulnerability scans, patch deployments, or patch acquisitions 
are running. Close all browsers before attempting to uninstall Vulnerability and Patch 
Management Pack. 
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Hir IMPORTANT: Vulnerability and Patch Management Pack licenses are not removed from target 
systems when Vulnerability and Patch Management Pack is uninstalled. 



To uninstall with the Vulnerability and Patch Management Pack uninstaller: 

1. Select Start>Programs>HP ProLiant Essentials Vulnerability and Patch Management>Uninstall 
Vulnerability and Patch Management. 

2. When prompted, select whether to remove the Vulnerability and Patch Management Pack data 
stored on the HP SIM server, such as scan reports and Vulnerability and Patch Management 
Pack tasks. Data displayed in the HP SIM systems list is cleared if data is removed. 

3. When prompted, select whether to remove the patch database. 

4. When uninstall is complete, the HP SIM service is automatically restarted. 

5. Delete the VPM directory. Its default location is: C:\Program Files\HP\VPM. 
To uninstall from the Control Panel: 

1. Select Add or Remove Programs. 

2. Select HP Vulnerability and Patch Management>Change/Remove. 

3. When prompted, select whether to remove the Vulnerability and Patch Management Pack data 
stored on the HP SIM server, such as scan reports and Vulnerability and Patch Management 
Pack tasks. Data displayed in the HP SIM systems list is cleared if data is removed. 

4. When prompted, select whether to remove the patch database. 

5. When uninstall is complete, the HP SIM service is automatically restarted. 

6. Delete the VPM directory. Its default installation location is: C:\Program Files\HP\VPM. 

Remaining Vulnerability and Patch Management Pack files 

A Vulnerability and Patch Management Pack uninstallation does not remove all Vulnerability and 
Patch Management Pack files from the server. The following files remain after uninstallation: 

• C:\Novadigm\ManagementAgent\nvdkit.exe 

• C:\Novadigm\ ManagementAgent\rma.tkd 

• C:\Novadigm\ ManagementAgent\ rma.log 

• C:\Program Files\HP\Systems Insight Mnager\hpwebadmin\webapps\ROOT\mxportal\VPM\ 
column\vpmcolmain.jps 

• C:\Program Files\HP\Systems Insight Manager\hpwebadmin\webapps\ROOT 
\mxportal\VPM\column\vpmbase.html 

• C:\Program Files\HP\Systems Insight Manager\hpwebadmin\webapps\ROOT\mxportal\ 
home\STATScanner 

NOTE: The VPM Results directory only remains if you select to retain Vulnerability and Patch 
Management Pack data during the uninstallation. 

• C:\Program Files\Microsoft SQL Server\MSSQL$VPMMSSQL\Data\ radiadb.mdf 

• C:\Program Files\Microsoft SQL Server\MSSQL$VPMMSSQL\Data\ radialog.ldf 

NOTE: These files only remain if you select to retain the patch database during uninstallation. 
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Hiding the VPM column in the HP SIM console 

Vulnerability and Patch Management Pack uses the VPM column in the HP SIM console to identify 
vulnerability status. If Vulnerability and Patch Management Pack has been uninstalled, vulnerability 
status information is no longer updated in the HP SIM console. Data displayed in the HP SIM systems 
list is cleared if Vulnerability and Patch Management Pack data is removed during uninstallation. To 
hide the column in the HP SIM console after Vulnerability and Patch Management Pack has been 
uninstalled: 

1. Click Customize in the top right corner of the All Systems frame. 

2. Select VPM from the Displayed Columns list, and click («). 




System Lists 

System Ove 
All Systems 
All Events 
My Favorites 
O System Lists 
O Event Lists 



Tools Deploy Configure Diagnose Optimize Reports Logs Options Help 



I Customize List Appearance: All Systems 

I Description: Change column visibility, display order and sort order for the given list 



Available columns: 



Legend 

© = Critical ^ = Normal 

= Major ? = Unknown 

_i = Minor c = Informational 




Displayed columns: 



Selection 

HW 

MP 

SW 

LD 

System Name 
System Type 
System Address 
Product Name 
OS Name 



Move Up 
Move Down | 



Cancel | 



J 



3. Click OK. 

Reinstalling Vulnerability and Patch Management Pack 

If an updated version of Vulnerability and Patch Management Pack is installed after a previous 
version has been uninstalled, the entitlement list could be lost for all managed target systems. To 
prevent this, be sure that you uninstall and reinstall the updated VPM Patch Agent to all target 
systems. 

Radia uses installation account instead of local account 

To accommodate a security modification contained in Windows 2003 SP1, the Vulnerability and 
Patch Management Pack installer modifies the Windows service running httpd (Radia Integration 
Server) to use the installation account rather than the Local System account. In addition, the 
installation account is modified to run as a service. 



Vulnerability scans 

Vulnerability and Patch Management Pack cannot access 
target systems 

If Vulnerability and Patch Management Pack cannot perform accurate scanning on a target system 
because of access problems, verify the following information depending on the target operating 
system. 
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Windows 

• The account used to scan the target system is a member of the Administrator group or Domain 
Administrator group for that system. 

• Client for Microsoft Networks is installed and enabled. 

• Vulnerability and Patch Management Pack has share-level access to all target systems. 

• Remote Registry Service is started. 

• File and Printer Sharing protocol is installed and enabled. 

• Default Administrative Shares are enabled. 

• Server Service is started. 

• Simple File Sharing is disabled. 

• The Internet Connection Firewall is configured correctly or disabled, and the target system is 
configured to respond to ping commands. 

• The Computer Name/Domain network component is defined. 

Windows XP 

Verify that Simple File Sharing is disabled on Windows XP Professional machines that are not part of 
a domain. Simple File Sharing is enabled by default, disabling network access to Administrative 
shares on the machine. 

Windows VPM server 

STAT scanner cannot connect to HP SIM if the file, msxml3.dll, is not registered on the Windows XP 
system. 

1. Execute the following command at the command prompt to verify the existence of the file: 

dir %SystemRoot%\system32\msxml3 . dll 

2. If the file is not registered, execute the following command at the command prompt to force the 
registration: regsvr32 %SystemRoot%\system32\msxml3 . dll 

The following message appears after successful registration: 



RegSvr32 


X 


^i^J DllRegisterServer in 


C: WINDOWS t 
! OK 


system 3 ZVmsxrml3.dll succeeded. 



Also, ensure that the IWAM_xxx account has adequate privileges to function properly. Appropriate 
file permissions and Microsoft Windows NT® registry permissions must exist for the resources to 
function properly. See the following figure for examples. 
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Permissions for STAT Scanner 



33 



Security j 
Group or user names: 



MROB L30P9U\dministrators] 



E Internet Guest Account (MROBL30P9\IUSR_MROBL30P9) 



E| Launch IIS Process Account [MRQBL30F9MWAM_MROBL30P9] 



i SYSTEM 



Add... 



Permissions for Administrators 



Remove 



Deny 



Full Control 
Read 

Special Permissions 



El 
El 
□ 



□ 
□ 
□ 



For special permissions or for advanced settings. Advanced 
click Advanced. I 



OK 



J 



Cancel 



Apply 



Soapbox.dll Properties 



General | Version Security | Summary | 
Group or user names: 



i&ralors iMRQBL.30! , 9\Admiriiaiatois'| 



E Internet Guest Account (MROBL30P9\IUSR_MROBL30P9) 



E I Launch 1 1 5 Process Account [M R □ B L30P9M WAM_M ROB L30P9) 
(33 SYSTEM 



Add.. 



Remove 



Permissions for Administrators 


Allow 


Deny 


Full Control 


El 


□ 


Modify 


□ 


□ 


Read & Execute 


□ 


□ 


Read 


□ 


□ 


Write 


□ 


□ 


Special Permissions 


□ 


□ 



For special permissions or for advanced settings.. Advanced 
click Advanced. 1 



□ K 



] 



Cancel 



Apply 



Configure file permissions on all necessary DLLs. Configure Windows NT Registry permissions on the 
following: 

• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\STAT 
Scanner 

• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\STAT 
Scanner WSI 



ux target systems 

• TCP/IP network protocol is enabled. 

• SSH is enabled and listening on the default port 22. 

• Vulnerability and Patch Management Pack includes PuTTY SSH client and uses the plink session 
command and PSCP secure copy, as well as SFTP secure file transfer commands. Both protocols 

1 .5 and 2.0 are supported if they are correctly installed and functioning on the target system. To 
determine which protocol is running, telnet to port 22 on the target system, read the return 
banner, and press the Enter key. 

o SSH-1 .5— Only protocol 1 .5 is supported. 

o SSH-1 .9— Protocol 1 .5 and 2.0 are supported. Protocol 1 .5 is attempted first. 

o SSH-2.0— Only protocol 2.0 is supported, the newest and preferred session protocol. 

:an reports cannot be viewed 

If scan reports cannot be viewed in .pdf format because Adobe Acrobat cannot be launched, perform 
the following procedure: 

1. From Internet Explorer, select Tools>lnternet Options. 

2. Click the Advanced tab, and scroll to Security. 

3. Clear the Do not save encrypted pages to disk option, and click OK. 

For more information, see http://support.microsoft.com/default.aspx?scid=kb;en- 
us;81 2935&Product=ie600 . 
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A scan was submitted but never started 



All target systems scanned by Vulnerability and Patch Management Pack must have an IP address 
displayed in the HP SIM console. If a scan is requested for a target system with no IP address, the 
scan does not run and an internal error is generated. Be sure that all target systems being scanned 
have IP addresses that appear in the HP SIM console. 

Scan results are inaccurate because of overlapping tasks 

When scheduling vulnerability scans and patches, be sure the two processes do not overlap. Allow 
adequate time for a vulnerability scan to complete before starting a patch. If a patch deployment runs 
during a vulnerability scan, the scan results might be inaccurate or the target systems might reboot 
during the scan. 

Do not schedule patch acquisition tasks to run while vulnerability scans are running. Patch acquisition 
tasks cause vulnerability scans to abort. 

Current patch information is not displayed in scan reports 

Scan definition updates are available a few days after the release of patches. You might have a 
patch in your patch repository that does not appear in your scan results. You can apply the patch 
without a scan. The VPM Patch Agent will not apply patches that are not appropriate. With the new 
patch reports, you can also use the Validate VPM Patch Agent operation to determine where patches 
are needed. This operation applies to patches only. The VPM Patch Agent does not report on non- 
patch security vulnerabilities. 

Patches and configuration fixes 

VPM Patch Agent install fails 

The VPM Patch Agent is automatically deployed when systems are licensed to allow patches to be 
applied to the systems. If a server type is identified as Unknown or Unmanaged with no identified 
operating system in the HP SIM console, Vulnerability and Patch Management Pack automatically 
attempts to deploy the VPM Patch Agent for Windows systems. The VPM Patch Agent deployment fails 
on Linux systems, and event details display an error. 
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To deploy the VPM Patch Agent to target systems, see the "Deploying the VPM Patch Agent" section. 
Be sure that the Red Hat library, compat-libstdc++, is installed on Red Hat target systems. 

The VPM Patch Agent installation can also fail because the WBEM credentials are not configured 
properly to allow Vulnerability and Patch Management Pack to access target systems. For information 
about configuring WBEM credentials, see the "Post-installation configuration" section. 

patch acquisition was started, but no patches are seen 

A patch acquisition can take quite a bit of time the first time it is run. It is not unusual for the 
acquisition to take more than four hours, depending on how many operating systems are selected for 
download and the speed of the Internet connection. 

Progress of the acquisition can be monitored at C:\Program Files\HP\VPM\Radia\lntegrationServer\ 
logs\patch-acquire.log. If the log file indicates that no patches are being acquired and there is a 
proxy server in the environment, be sure you have properly configured Vulnerability and Patch 
Management Pack to access the proxy server by selecting Options>Vulnerability and Patch 
Management>Settings. In addition, the proxy server must be configured to allow both HTTP and FTP 
traffic. 

If the patch-acquire.log is not being updated, the acquisition process might be hung. Search the 
patch-acquire.log for the start of the last logged process id. Stop the nvdkit.exe with that process id 
running on your VPM server. This action terminates the current acquisition and allows the next 
acquisition to run. 



FTP 300 errors received during patch acquisition 

Patch acquisition can generate events containing HTTP 300 errors for some older Microsoft patches, 
such as: 

Error downloading patch data for Bulletin MS02-050 at URL 
http : //www . microsoft . com/ntserver/terminalserver/downloads/ 
critical/q329115/def ault . asp error code 300 
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This message occurs because the Microsoft information pertaining to the patch location is incorrect 
and the patch cannot be downloaded. HP is working to correct the metadata at the HP/Radia website 
for these older patches, however this is ongoing maintenance. These corrections will automatically be 
downloaded each time a patch acquisition is run. No updates are needed to Vulnerability and Patch 
Management Pack. 

Patches appear in a scan report but are not successfully 
deployed 

This can occur in the following situations: 

• A vulnerability scan has identified vulnerabilities, patches were selected for deployment based 
on the scan, and one or more of the selected patches were not located in the patch repository. 
Generally, some of the patches will install successfully, while others do not install for an 
extended time. Patches might not be available in the patch repository because all of the 
necessary operating systems were not selected for patch acquisition or only some of the patches 
have been acquired. 

• The VPM Patch Agent has not been successfully installed on the system being patched. 

• A patch deployment is attempted on a system for which the patch is not applicable. Vulnerability 
and Patch Management Pack applies patches to target systems based on the operating system 
characteristics and patch vulnerabilities. For example, a patch cannot be deployed when a Red 
Hat patch is selected for deployment on a Windows target system. 

Check for missing patches 

Be sure that a patch acquisition has been selected for all operating systems in the server environment. 
Different Microsoft patches can exist for each operating system associated with an advisory. To 
validate if a patch has been acquired, click the advisory link to the operating system vendor. The 
patches for each operating system are listed. Check the C:\Program Files\HP\VPM\Radia\ 
lntegrationServer\Data\Patch\Microsoft\<bt;//ef/n number> directory to see if each patch has been 
acquired. 

Check the file C:\Program Files\HP\VPM\Radia\lntegrationServer\Logs\patch-acquire.log for a 
history of the last patch acquisition, including any errors. Patches downloaded through HTTP might 
have been acquired successfully, but those requiring FTP are failing. If this occurs, validate the proxy 
and firewall settings to be sure they are configured properly to enable FTP traffic. 

Validating VPM Patch Agent installation 

Check the VPM events to see if a successful Installed VPM Patch Agent event exists for the system to 
be patched. If no event is present or if a Failed VPM Patch Agent Install event exists, select 
Deploy>Vulnerability and Patch Manager>VPM Patch Agent to deploy the agent. 

After the VPM Patch Agent installation and patch acquisition have been verified, reinitiate the patch 
installation by selecting Deploy>Vulnerability and Patch ManageoValidate Installed Patches. 

Patch installation status reports are not current or do not match 
information displayed in scan reports 

Information displayed in patch reports is obtained during the most recent patch deployment task. If 
this information is not current, update the patch installation status by validating installed patches. For 
information, see the "Validating installed patches" section. 
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Other tools report that a Windows system is patched, but 
Vulnerability and Patch Management Pack reports patches 
needed 

Many other tools read the registry to determine if a patch is installed. In many cases, when a patch 
installation fails, the registry is updated while the files remain unchanged. Vulnerability and Patch 
Management Pack verifies that both the files and registry keys have been updated. 

Patch source for vendor patches is Microsoft* or Red Hat* 

To determine patch applicability, Vulnerability and Patch Management Pack might enhance patch 
detection criteria to be more precise than vendor information. These patches appear with an asterisk 
in the Patch Source column. HP does not modify the patch itself. 

Multiple events listed in HP SIM for patch deployments 

Patch deployments create multiple events in HP SIM. There is a start event, a completion event, and a 
patch current status event. The patch current status event evaluates the status of the patches after the 
reboot has been completed. 

STAT Scanner update error listed in the HP SIM event log 

If STAT Scanner cannot access certain necessary files during a patch acquisition scanner update, a 
301 0 error appears in the HP SIM event log. The file update will be completed the next time a reboot 
is performed. 

Radia internal error listed in the HP SIM event log 

A generic Radia internal error appears in the HP SIM event log if the patch repository is viewed 
before a patch acquisition had been performed. 

Abuse of Service error occurs when attempting to 
acquire Red Hat patches 

The Red Hat network might be disabled if the network determines that patches have been acquired 
too frequently. To resolve this issue, delete the registered system from the Red Hat network Web 
interface at https://rhn.redhat.com . Recreate the Red Hat credentials on the Red Hat server and copy 
to the VPM server. 

Validate Installed Patches event does not complete 

Certain Vulnerability and Patch Management Pack events cannot complete successfully until after a 
system has been scanned and patched at least one time. Be sure a system has been scanned and 
patched before attempting to validate installed patches. 
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HP SIM integration 

Vulnerability and Patch Management Pack menus do not 
appear in the HP SIM console after installation 

The tool menus might not appear after a Vulnerability and Patch Management Pack installation for 
any of the following reasons: 

• The HP SIM user does not have appropriate privileges to access the menus. If a new HP SIM user 
cannot view the Vulnerability and Patch Management Pack menus, be sure that the user is 
authorized for All Tools or VPM Tools in Options>Security>Users and Authentication. 

• A successful installation of Vulnerability and Patch Management Pack requires the user to have 
CMS administrative privileges because changes are made to the HP SIM core and the tool 
menus. 

• When installing Vulnerability and Patch Management Pack, you must use the credentials 
previously used when installing HP SIM. Failure to do so results in an incorrect installation. Also, 
the user name will not have appropriate privileges. Be sure the CMS user has privileges 
(toolbox, authorizations) to use Vulnerability and Patch Management Pack. If the authorization is 
not correct, the menus do not appear. To correct this issue, uninstall Vulnerability and Patch 
Management Pack and reinstall using the correct credentials. Be sure that the CMS user that will 
be using Vulnerability and Patch Management Pack has appropriate privileges. This can include 
having authorization for a toolbox containing the Vulnerability and Patch Management Pack 
tools. 

• The Vulnerability and Patch Management Pack installation failed. Installation errors appear on- 
screen during installation and in the log files. 
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Vulnerability and Patch Management Pack 
provided scan definitions 



The following table lists the provided scan definitions that are provided with Vulnerability and Patch 
Management Pack and a brief description of each. 



NOTE: Custom scans can be created from th< 


3 default system scans. When default system scans are 


updated, the custom scans are updated with 


corresponding vulnerability updates also. 


Table 5 Provided scan definitions 


Scan definition 


Description 


4_0* 


Windows NT® 4.0 vulnerabilities 


Advisory 


Microsoft Advisories 


AutoFix 


Autofixable vulnerabilities 


CrossPlatform 


Windows and Linux vulnerabilities 


FileChecks 


Known and unknown locations file checks 


FileCheck_Knownl_ocation 


Known location file checks 


FileCheck_Unknownl_ocation 


Unknown location file checks 


IE 


Internet Explorer vulnerabilities 


IIS 


IIS vulnerabilities 


Linux 


Linux vulnerabilities 


Mai ware 


Mai ware checks 


Password 


Password policy check 


PasswordChecker 


Windows NT password policy 


Policy 


All policy check 


SqIServer 


SQL Server vulnerabilities 


W2K 


Windows 2000 vulnerabilities 


W2K3 


Windows 2003 vulnerabilities 


XP 


Windows XP vulnerabilities 


* This scan definition is not included with the current version of Vulnerability and Patch Management Pack and 


will only exist if previous versions of the software have been installed. 
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Using the Change VPM Credentials Utility 



The Change VPM Credentials Utility can be used to update Vulnerability and Patch Management 
Pack: 

• When the credentials or IP address of the HP SIM server have been changed 

• When the credentials of the account used to install Vulnerability and Patch Management Pack 
have been changed 

• To turn on or off the secure connection between the HP SIM and VPM server 
To update the Vulnerability and Patch Management Pack credentials: 

1. From the VPM server, click Start>HP Vulnerability and Patch Management PacloChange VPM 
Credentials. 

2. Select whether to change Vulnerability and Patch Management Pack or database credentials, 
and click OK. 



Change Password 



- Choose Password to Change- 



t* Change VPM Credentials 



C Change Database Credentials 



□K 



Cancel 



3. If changing Vulnerability and Patch Management Pack credentials, enter your current user 

credentials and IP address, select whether to a secure connection to the VPM server, and click 
Change. 
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Change VPM Credentials Utility 



HP SIM Server: 
|pva3 



User name: 



Administrator 
Domain: 



FVA3 
Server IP: 



|1G.1G8. 101.1 
□ Id Password: 



New Password: 



Confirm New Password: 



Use secure connection when connecting to VPM 



Change ~| Cancel 



4. If changing database credentials, enter your current database credentials, and click Change. 



Change Database Credentials 



User name: 



[Administrator 
Password: 



Confirm Password: 



Change 



Cancel 



Using the Change VPM Credentials Utility 



Backing up and restoring Vulnerability and 
Patch Management Pack 



Introduction 



Vulnerability and Patch Management Pack application files are tightly coupled to HP SIM and its 
components. There are also Vulnerability and Patch Management Pack subcomponents, which can 
place files in other locations. A number of tables exist in databases, which require special tools to 
back up effectively. 

Use the following guidelines to preserve the history of previous scan results and the list of patches 
installed on each target system. 

The Vulnerability and Patch Management Pack plug-in for HP SIM can be installed in a shared or 
distributed configuration. Backup and restore can be done by preserving individual components. 
Before beginning: 

• Understand the HP SIM file/directory structure and database layout 

• Understand the Vulnerability and Patch Management Pack file/directory structure 



HP SIM must be offline to back up components. To back up individual components: 

1. Back up the Vulnerability and Patch Management Pack files under the HP SIM directory: 

o C:\Program Files\HP\Systems Insight 

Manager\hpwebadmin\webapps\ROOT\mxportal\home\ 
STATConfigurations 

o C:\Program Files\HP\Systems Insight 

Manager\hpwebadmin\webapps\ROOT\mxportal\home\ 
STATScanner 

2. Back up HP SIM directory tree and the HP SIM database. For instructions, see the HP Systems 
Insight Manager Help Guide. This procedure might be different depending on the operating 



1. Restore HP SIM and the HP SIM database from the backup files. 

2. Install Vulnerability and Patch Management Pack. 

3. Restore the Vulnerability and Patch Management Pack files from the backup. 

This procedure restores the Vulnerability and Patch Management Pack historical scan and patch data 
to the point where it was backed up. HP recommends running a scan to restore current Vulnerability 
and Patch Management Pack status. 



Component 




system. 



Component restoration 
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Vulnerability and Patch Management Pack 
events 



Vulnerability and Patch Management Pack creates events in HP SIM. These events can be viewed with 
all HP SIM events in the Events list, or independently in the VPM Events list. 

Scan events 

Table 6 lists the events created by the Vulnerability and Patch Management Pack scanning 
components. 



Table 6 VPM scan events 



Event 


Description 


Occurs 


Submitted VPM Scan 


A vulnerability scan has been 
submitted 


When a scan is submitted. If another scan is already 
running, this scan is queued. 


Started VPM Scan 


A group vulnerability scan has 
started 


When a scan is started for all systems selected in the 
scan operation. Each individual system also has a 
scan start event. Individual machines are scanned 
one at a time. 


Started VPM Scan for 
System 


A vulnerability scan has 
started on a system 


At the start of the scan for each individual system. 


Completed VPM Scan 


A group vulnerability scan has 
completed 


When a scan is completed for all systems selected in 
the scan operation. Each individual system also has 
a scan completion event. Individual machines are 
scanned one at a time. 


Completed VPM Scan 
System 


for A vulnerability scan has 
completed on a system 


At the completion of the scan for each individual 
system. 


Failed VPM Scan 


A failure has occurred during 
a VPM scan 


When an entire scan fails to complete because of an 
internal error. Check the system event log for more 
information. 


Failed VPM Scan for a 
System 


i A failure has occurred during 
a VPM scan for a particular 
system 


When an individual system scan fails to complete 
because of an internal error. Check the system event 
log for more information 
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Patch and fix events 

Table 7 lists the events created by the Vulnerability and Patch Management Pack 
patching components. 



Table 7 VPM patch and fix events 



Event 


Description 


Occurs 


oubmitted Vr/vi ratch ar 
Fix 


id A VPM patch and fix has been 
submitted. 


When one more patches and fixes have been 
submitted. 


Started VPM Patch and 
rix 


A group VPM patch and fix 
has started. 


When one or more patches or fixes have been 
started for all systems selected in the patch-fix 
operation. Each individual system also has a start 
event. 


Started VPM Patch and 
Fix for System 


A VPM patch and fix has 
started on a system. 


When one or more patches or fixes have been 
started for an individual system. 


Completed VPM Patch 
and Fix 


A group VPM patch and fix 
has completed. 


When all patches and fixes have been completed 
for all systems selected in the patch-fix operation. 
Each individual system also has a completion event. 


VPM Patch Start 


A vulnerability patch 
installation has begun on the 
target system 


When a vulnerability patch installation has been 
started on the target system. A software update or 
bulletin is being applied to the target system. 


Completed VPM Patch 
and Fix for System 


A VPM patch and fix has 
completed on a system. 


When all patches and fixes have been completed 
for an individual system. 


VPM Patch Ended with 
Success 


A vulnerability patch 
installation has ended on the 
target system with the status of 
successful. 


When a vulnerability patch installation has ended 
on the target system with the status of successful. 



VPM Patch Ended with 
Failure 



A vulnerability patch 
installation has ended on the 
target system with the status of 
failure. 



When a vulnerability patch installation has ended 
on the target system with the status of failure. Follow 
up might be required to determine the actual cause 
and remedy to the failure. It might be useful to 
examine any patch event details related to this 
patch. 



VPM Patch Current Status VPM Patch Agent is reporting 
the current status of a patch 
on the target device. 


The status is reported after the reboot. When VPM 
Patch Agent reports the current status of a patch on 
the target device because of a patch requiring a 
reboot. 


VPM Patch Not 
Applicable 


The selected patch is not 
applicable to the selected 
system and therefore is not 
applied. 


When the selected patch is not applicable to the 
selected system. 


Failed VPM Patch and Fix 


A failure has occurred during 
a VPM patch or fix operation. 


This event occurs when one or more patches fails to 
complete because of an internal error. Check the 
system event log for more information. 
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Table 7 VPM patch and fix events 



Event 


Description 


Occurs 


Failed VPM Patch and Fix 
for a System 


A failure has occurred during 
a VPM patch or fix operation 
for a particular system. 


When an individual system fix fails to complete 
because of an internal error. Check the system event 
log for more information. 
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uisition events 

Table 8 lists the events created by the Vulnerability and Patch Management Pack patch acquisition. 



Table 8 VPM acquisition events 


Event 


Description 


Occurs 


Started VPM Acquisition 


Acquisition of vulnerability 
updates and patches has 
started 


When acquisition of scan definitions, patches and 
fixes for selected operating systems and applications 
has started. This operation might take a while 
depending on the number ot items being 
downloaded. 


VPM has been Updated 


The VPM product has been 
updated 


When patches for selected operating systems and 

l-i- L L J 1 J J £ II 

applications nave been downloaded successtully as 
part of an acquisition. 


VPM Scan Definitions 
Updated 


Successfully updated 
vulnerability scan definitions 


When scan definition files have been updated 
successfully as part of an acquisition. 


VPM / STAT Updated 


Successfully updated the 
vulnerability scanner 
component of VPM 


When code that scans and fixes configuration issues 
has been updated successfully as part of an 
acquisition. 


VPM Scan Definitions Up- 
to-date 


No updates required for the 
vulnerability scan definitions, 
already up to date 


When scan definition files did not need to be 
updated as part of an acquisition. 


VPM / STAT Up-to-date 


No updates required for the 
vulnerability scanner 

i £ \ /DK A 1 1 

component ot VPM, already 
up to date 


When code that scans and fixes configuration issues 
did not need to be updated as part of an 
acquisition. 


Completed VPM 

Af~m i i^ition 


Acquisition of vulnerability 

imnntf^Q nnn nntfhf^Q hn<; 

completed 


When acquisition of scan definitions, patches, and 

TiYf^Q for cci cir-t^H onf^rntinn cx/ct^mQ nnn nnn if~ntion<i 
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is complete. 


Failed VPM Acquisition 


A failure has occurred during 
a VPM patch acquisition 


When acquisition of scan definitions, patches, and 
fixes for selected operating systems and applications 
failed. 


Failed VPM Scan 
Definitions Update 


Updates for the vulnerability 
scan definitions failed 


When acquisition of scan definitions has failed. 


Failed VPM / STAT 
Update 


Updates for the vulnerability 
scanner component of VPM 
failed 


When acquisition of updated code that scans and 
fixes configuration issues failed. 



Vulnerability and Patch Management Pack events 102 



Miscellaneous events 

Table 9 lists the miscellaneous events created by Vulnerability and Patch Management Pack. 



Table 9 Miscellaneous VPM events 



Event 


Description 


Occurs 


Installed VPM 


VPM has been installed 


When installation of VPM successfully completes. 


Removed VPM 


The VPM product has been 
removed from this HP SIM 
Server 


^Vhen uninstallation of VPM successfully completes. 


VPM Product License 


VPM license applied 


When a license for VPM is successfully applied to 
HP SIM. 


VPM Product License 
Failure 


VPM license not applied 


When a license for VPM is not successfully applied 
to HP SIM. 


VPM Security Access 
Violation 


VPM is reporting a security 
violation 


When the VPM plug-in (on the HP SIM server) does 
not have the right credentials to access the STAT 
Scanner service (on the VPM server). 


VPM Scan Definition 
Creation Failure 


VPM could not write a new 
vulnerability scan definition 
file 


When a custom scan definition cannot be created. 
This event can indicate a lack of disk space or 
permission problems. 


VPM Scan Definition 
Removal Failure 


VPM could not remove a 
vulnerability scan definition 
file 


When one or more custom scan definitions are not 
removed as a part of the delete operation from the 
Customize Scan operation. 


VPM Scanner Service 
Unreachable 


VPM could not make a 
connection to the vulnerability 
scanner service 


When VPM has found a problem trying to contact 
the STAT Scanner service either because of a 
network problem or because STAT Scanner service 
is not operational (for example, IIS service is not 
running on the VPM server). 


VPM Results Structure 
Creation Failure 


VPM could not create its 
results directory 


When VPM cannot create the directory structure 
required to receive the scan results. 


VPM Results Creation 
Failure 


VPM could not write a results 
file 


When a custom scan definition cannot be created. 
This event can indicate a lack of disk space or 
permission problems. 


VPM Results Removal 
Failure 


VPM failed to remove a results 
file from the VPM results area 


When one or more reports are not removed as a 
part of the delete operation from the View Results by 
System or View Results by Scan Name process. 


Installed VPM Patch 
Agent 


The VPM Patch Agent has 
been installed 


When the VPM Patch Agent deploys successfully to 
a system as part of a licensing operation or the 
Deploy VPM Patch Agent operation. 
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Table 9 Miscellaneous VPM events 



Event 


Description 


Occurs 


Fr^ilorJ VPK/ Pntrk Annnt 

ranea vr/vi raicn Mgeni 
Install 


m raiiure nas occurrea in ine 
VPM Patch Agent installation 


vvnen ine vr/vi raicn /-vgeni rails to aepioy to a 
system as part of a licensing operation or the Deploy 
VPM Patch Agent operation. VPM might not have 
permission to access the system. If the system type is 
Unknown or Unmanaged, the VPM Patch Agent must 
be deployed from the Deploy VPM Patch Agent 
menu so the operating system type can be manually 
selected. 


Started VPM Patch 
Removal 


A patch removal operation 
has been started 


When removal of a patch starts. 


Comoleted VPM Patch 
Removal 


A nntch rpmovn onprntion 
has completed 


\A/hpn n nntch k ^uccp^fu v rpmovpd from n 
system. 


VPM Generic Radia Error 


An error has been detected in 
the Radia Patch Manager 
component of VPM 


When an error occurs while attempting to apply a 
patch. See the event details for more information. 


VPM Generic Internal 
Error 


An internal error has been 
detected in VPM 


When some unexpected error occurs during normal 
VPM operation. Some internal events have minor 



severity and might not cause problems to normal 
operation. However, critical events should be 
analyzed thoroughly. 
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HP services and technical support 



Vulnerability and Patch Management Pack is offered exclusively as a part of Insight Control 
Environment and Insight Control Environment for BladeSystem. Starting in July 2007, Insight Control 
Environment suites will include one year of 24 x 7 HP Software Technical Support and Update 
Service. 

This service provides access to HP technical resources to help you resolve software implementation or 
operational issues. This service also provides access to software updates and reference manuals either 
in electronic format or on physical media as they are made available from HP. 

With this service, Insight Control Environment and Insight Control Environment for BladeSystem 
customers will benefit from expedited problem resolution and proactive notification and delivery of 
Insight Control Management software updates. 

To activate your HP Software Technical Support and Update Service for Insight Control and Insight 
Control Environment for BladeSystem, you must register your software purchase through the HP 
website at http:/ / www.hp.com/ go/ice . 

Failure to register your service will jeopardize service fulfillment. 

Your Service Agreement Identifier (SAID) will be delivered to you after registration. After you have 
received your SAID, you can go to the software update manager (SUM) web page to view your 
contract online and elect electronic delivery (in addition to standard media-based updates). For more 
information about this service, see http:/ / www.hp.com/ services/insight . 

In addition to the new Software Technical Support and Update Service, HP also offers a number of 
additional software support services, many of which are provided to our customers at no additional 
charge. 

• Warranty— HP will replace defective delivery media for a period of 90 days from the date of 
purchase. This warranty applies to all Insight Control Management, HP Systems Insight 
Manager, and ProLiant Essentials products. 

• Startup technical software support— Phone support is available to help you with basic 
installation, set-up, and usage questions. This support is provided by the knowledgeable HP 
Insight Control Management and Systems Insight Manager specialists 7 team and is available for 
no additional charge up to 90 days from the date of purchase of your server. For support in the 
U.S., call 1-800-HP-INVENT (1-800-474-6836). (When prompted, say "Insight Manager, P2P, 
and SMP.") HP Worldwide support numbers for HP SIM, P2P, and SMP are available at 
http:/ / www.hp.com/ country / us/ en/ wwcontact.html . 

• Join the discussion ( http://forums.itrc.hp.com )— The HP Support Forum is a community-based, 
user-supported tool for HP customers to participate in discussions among customers about HP 
products. For discussions related to Insight Control and ProLiant Essentials software, click 
Management software and system tools. 

• Software and Drivers download pages ( http:/ / www.hp.com/ support ) —These pages provide the 
latest software and drivers for your ProLiant products. 

• Management Security ( http:/ / www.hp.com/ servers/ manage/ security ) —HP is proactive in its 
approach to the quality and security of all its management software. Be sure to check this 
website often for the latest downloadable security updates. 
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Obtain the latest SmartStart ( http:/ / www.hp.com/ servers/ smartstart ) — The SmartStart, 
Management, and Firmware CDs are now available for download by registering at the 
SmartStart website. If you wish to receive physical kits with each release, you can order single 
release kits from the SmartStart website. To receive proactive notification when SmartStart 
releases are available, subscribe to Subscriber's Choice at 
http:/ / www.hp.com/ go/ subscriberschoice . 
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